More Efficient (Almost) Tightly Secure Structure-Preserving Signatures

  • Romain Gay
  • Dennis Hofheinz
  • Lisa Kohl
  • Jiaxin Pan
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10821)

Abstract

We provide a structure-preserving signature (SPS) scheme with an (almost) tight security reduction to a standard assumption. Compared to the state-of-the-art tightly secure SPS scheme of Abe et al. (CRYPTO 2017), our scheme has smaller signatures and public keys (of about \(56\%\), resp. \(40\%\) of the size of signatures and public keys in Abe et al.’s scheme), and a lower security loss (of \(\mathbf{O}(\log Q)\) instead of \(\mathbf{O}(\lambda )\), where \(\lambda \) is the security parameter, and \(Q=\mathsf {poly}(\lambda )\) is the number of adversarial signature queries).

While our scheme is still less compact than structure-preserving signature schemes without a tight security reduction, it significantly lowers the price to pay for a tight security reduction. In fact, once the larger key (i.e., group) sizes needed to compensate for a non-tight security reduction are taken into account, the computational efficiency of our scheme becomes at least comparable to that of non-tightly secure SPS schemes.
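As an added illustration, not part of the paper's abstract, the following back-of-the-envelope derivation shows what a security loss in a reduction costs in group size, and why the \(\mathbf{O}(\log Q)\) versus \(\mathbf{O}(\lambda)\) difference matters. It assumes that the best attack on the underlying prime-order group is a generic one (square-root cost), writes the hidden constant of the \(\mathbf{O}(\cdot)\) bounds as \(c\), and uses a loss of \(Q\) as a stand-in for a typical non-tight reduction; none of these constants are stated on this page.

Suppose a reduction turns any adversary that breaks the scheme with advantage \(\varepsilon\) in time \(t\) into one that breaks the assumption with advantage \(\varepsilon/L\) in about the same time. If the assumption offers \(\kappa\) bits of security, i.e. \(\varepsilon' \le t'/2^{\kappa}\) for every \(t'\)-time adversary, then for the scheme
\[
\varepsilon \;\le\; L \cdot \frac{t}{2^{\kappa}} \;=\; \frac{t}{2^{\kappa - \log_2 L}},
\]
so the scheme retains only \(\kappa - \log_2 L\) bits. To reach \(\kappa\) bits for the scheme, the assumption has to be instantiated at \(\kappa + \log_2 L\) bits. In a group of prime order \(p\) whose best attack costs about \(\sqrt{p}\), this means
\[
\log_2 p \;\approx\; 2(\kappa + \log_2 L),
\]
i.e. each group element (and hence each signature and key component) grows by about \(2\log_2 L\) bits compared to a tight reduction (\(L = 1\)). For \(\kappa = \lambda = 128\) and \(Q = 2^{30}\) signing queries:
\[
L = c\lambda:\quad 2\log_2(128c) = 14 + 2\log_2 c, \qquad
L = c\log_2 Q:\quad 2\log_2(30c) \approx 9.8 + 2\log_2 c, \qquad
L = Q:\quad 2\log_2 Q = 60 .
\]
Caveat: in pairing groups the order \(p\) is also constrained by the discrete logarithm problem in the target group \(\mathbb{G}_T\), whose cost does not scale as \(\sqrt{p}\), so a concrete curve choice does not follow from this bound alone; it only isolates the term that the security loss adds.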

Technically, we combine and refine recent existing works on tightly secure encryption and SPS schemes. Our technical novelties include a modular treatment (that develops an SPS scheme out of a basic message authentication code), and a refined hybrid argument that enables a lower security loss of \(\mathbf{O}(\log Q)\) (instead of \(\mathbf{O}(\lambda )\)).

Keywords

Structure-preserving signatures; Tight security

References

  1. Abe, M., Chase, M., David, B., Kohlweiss, M., Nishimaki, R., Ohkubo, M.: Constant-size structure-preserving signatures: generic constructions and simple assumptions. In: Wang, X., Sako, K. (eds.) ASIACRYPT 2012. LNCS, vol. 7658, pp. 4–24. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-34961-4_3
  2. Abe, M., Chase, M., David, B., Kohlweiss, M., Nishimaki, R., Ohkubo, M.: Constant-size structure-preserving signatures: generic constructions and simple assumptions. J. Cryptol. 29(4), 833–878 (2016). https://doi.org/10.1007/s00145-015-9211-7
  3. Abe, M., David, B., Kohlweiss, M., Nishimaki, R., Ohkubo, M.: Tagged one-time signatures: tight security and optimal tag size. In: Kurosawa, K., Hanaoka, G. (eds.) PKC 2013. LNCS, vol. 7778, pp. 312–331. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-36362-7_20
  4. Abe, M., Fuchsbauer, G., Groth, J., Haralambiev, K., Ohkubo, M.: Structure-preserving signatures and commitments to group elements. J. Cryptol. 29(2), 363–421 (2016). https://doi.org/10.1007/s00145-014-9196-7
  5. Abe, M., Groth, J., Haralambiev, K., Ohkubo, M.: Optimal structure-preserving signatures in asymmetric bilinear groups. In: Rogaway, P. (ed.) CRYPTO 2011. LNCS, vol. 6841, pp. 649–666. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-22792-9_37
  6. Abe, M., Hofheinz, D., Nishimaki, R., Ohkubo, M., Pan, J.: Compact structure-preserving signatures with almost tight security. In: Katz, J., Shacham, H. (eds.) CRYPTO 2017. LNCS, vol. 10402, pp. 548–580. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-63715-0_19
  7. Acar, T., Lauter, K., Naehrig, M., Shumow, D.: Affine pairings on ARM. In: Abdalla, M., Lange, T. (eds.) Pairing 2012. LNCS, vol. 7708, pp. 203–209. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-36334-4_13
  8. Attrapadung, N., Hanaoka, G., Yamada, S.: A framework for identity-based encryption with almost tight security. In: Iwata, T., Cheon, J.H. (eds.) ASIACRYPT 2015. LNCS, vol. 9452, pp. 521–549. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-48797-6_22
  9. Barreto, P.S.L.M., Costello, C., Misoczki, R., Naehrig, M., Pereira, G.C.C.F., Zanon, G.: Subgroup security in pairing-based cryptography. In: Lauter, K., Rodríguez-Henríquez, F. (eds.) LATINCRYPT 2015. LNCS, vol. 9230, pp. 245–265. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-22174-8_14
  10. Belenkiy, M., Chase, M., Kohlweiss, M., Lysyanskaya, A.: P-signatures and noninteractive anonymous credentials. In: Canetti, R. (ed.) TCC 2008. LNCS, vol. 4948, pp. 356–374. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-78524-8_20
  11. Bellare, M., Boldyreva, A., Micali, S.: Public-key encryption in a multi-user setting: security proofs and improvements. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 259–274. Springer, Heidelberg (2000). https://doi.org/10.1007/3-540-45539-6_18
  12. Bellare, M., Goldwasser, S.: New paradigms for digital signatures and message authentication based on non-interactive zero knowledge proofs. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 194–211. Springer, New York (1990). https://doi.org/10.1007/0-387-34805-0_19
  13. Blazy, O., Fuchsbauer, G., Izabachène, M., Jambert, A., Sibert, H., Vergnaud, D.: Batch Groth–Sahai. In: Zhou, J., Yung, M. (eds.) ACNS 2010. LNCS, vol. 6123, pp. 218–235. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-13708-2_14
  14. Blazy, O., Kiltz, E., Pan, J.: (Hierarchical) identity-based encryption from affine message authentication. In: Garay, J.A., Gennaro, R. (eds.) CRYPTO 2014. LNCS, vol. 8616, pp. 408–425. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-44371-2_23
  15. Blum, M., Feldman, P., Micali, S.: Non-interactive zero-knowledge and its applications (extended abstract). In: 20th ACM STOC, pp. 103–112. ACM Press, May 1988
  16. Boneh, D., Mironov, I., Shoup, V.: A secure signature scheme from bilinear maps. In: Joye, M. (ed.) CT-RSA 2003. LNCS, vol. 2612, pp. 98–110. Springer, Heidelberg (2003). https://doi.org/10.1007/3-540-36563-X_7
  17. Camenisch, J., Dubovitskaya, M., Haralambiev, K.: Efficient structure-preserving signature scheme from standard assumptions. In: Visconti, I., De Prisco, R. (eds.) SCN 2012. LNCS, vol. 7485, pp. 76–94. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-32928-9_5
  18. Cathalo, J., Libert, B., Yung, M.: Group encryption: non-interactive realization in the standard model. In: Matsui, M. (ed.) ASIACRYPT 2009. LNCS, vol. 5912, pp. 179–196. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-10366-7_11
  19. Chase, M., Kohlweiss, M.: A new hash-and-sign approach and structure-preserving signatures from DLIN. In: Visconti, I., De Prisco, R. (eds.) SCN 2012. LNCS, vol. 7485, pp. 131–148. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-32928-9_8
  20. Chen, J., Gong, J., Weng, J.: Tightly secure IBE under constant-size master public key. In: Fehr, S. (ed.) PKC 2017. LNCS, vol. 10174, pp. 207–231. Springer, Heidelberg (2017). https://doi.org/10.1007/978-3-662-54365-8_9
  21. Chen, J., Wee, H.: Fully, (almost) tightly secure IBE and dual system groups. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013. LNCS, vol. 8043, pp. 435–460. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-40084-1_25
  22. Dodis, Y., Kiltz, E., Pietrzak, K., Wichs, D.: Message authentication, revisited. In: Pointcheval, D., Johansson, T. (eds.) EUROCRYPT 2012. LNCS, vol. 7237, pp. 355–374. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-29011-4_22
  23. Enge, A., Milan, J.: Implementing cryptographic pairings at standard security levels. In: Chakraborty, R.S., Matyas, V., Schaumont, P. (eds.) SPACE 2014. LNCS, vol. 8804, pp. 28–46. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-12060-7_3
  24. Escala, A., Herold, G., Kiltz, E., Ràfols, C., Villar, J.: An algebraic framework for Diffie-Hellman assumptions. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013. LNCS, vol. 8043, pp. 129–147. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-40084-1_8
  25. Gay, R., Hofheinz, D., Kiltz, E., Wee, H.: Tightly CCA-secure encryption without pairings. In: Fischlin, M., Coron, J.-S. (eds.) EUROCRYPT 2016. LNCS, vol. 9665, pp. 1–27. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-49890-3_1
  26. Gay, R., Hofheinz, D., Kohl, L.: Kurosawa-Desmedt meets tight security. In: Katz, J., Shacham, H. (eds.) CRYPTO 2017. LNCS, vol. 10403, pp. 133–160. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-63697-9_5
  27. Gong, J., Chen, J., Dong, X., Cao, Z., Tang, S.: Extended nested dual system groups, revisited. In: Cheng, C.-M., Chung, K.-M., Persiano, G., Yang, B.-Y. (eds.) PKC 2016. LNCS, vol. 9614, pp. 133–163. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-49384-7_6
  28. Grewal, G., Azarderakhsh, R., Longa, P., Hu, S., Jao, D.: Efficient implementation of bilinear pairings on ARM processors. In: Knudsen, L.R., Wu, H. (eds.) SAC 2012. LNCS, vol. 7707, pp. 149–165. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-35999-6_11
  29. Groth, J.: Simulation-sound NIZK proofs for a practical language and constant size group signatures. In: Lai, X., Chen, K. (eds.) ASIACRYPT 2006. LNCS, vol. 4284, pp. 444–459. Springer, Heidelberg (2006). https://doi.org/10.1007/11935230_29
  30. Groth, J., Lu, S.: A non-interactive shuffle with pairing based verifiability. In: Kurosawa, K. (ed.) ASIACRYPT 2007. LNCS, vol. 4833, pp. 51–67. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-76900-2_4
  31. Groth, J., Ostrovsky, R., Sahai, A.: New techniques for noninteractive zero-knowledge. J. ACM 59(3), 1–35 (2012). https://doi.org/10.1145/2220357.2220358
  32. Groth, J., Sahai, A.: Efficient non-interactive proof systems for bilinear groups. In: Smart, N. (ed.) EUROCRYPT 2008. LNCS, vol. 4965, pp. 415–432. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-78967-3_24
  33. Hofheinz, D.: Adaptive partitioning. In: Coron, J.-S., Nielsen, J.B. (eds.) EUROCRYPT 2017. LNCS, vol. 10212, pp. 489–518. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-56617-7_17
  34. Hofheinz, D.: Algebraic partitioning: fully compact and (almost) tightly secure cryptography. In: Kushilevitz, E., Malkin, T. (eds.) TCC 2016. LNCS, vol. 9562, pp. 251–281. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-49096-9_11
  35. Hofheinz, D., Jager, T.: Tightly secure signatures and public-key encryption. In: Safavi-Naini, R., Canetti, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 590–607. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-32009-5_35
  36. Hofheinz, D., Koch, J., Striecks, C.: Identity-based encryption with (almost) tight security in the multi-instance, multi-ciphertext setting. In: Katz, J. (ed.) PKC 2015. LNCS, vol. 9020, pp. 799–822. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-46447-2_36
  37. Jutla, C.S., Roy, A.: Improved structure preserving signatures under standard bilinear assumptions. In: Fehr, S. (ed.) PKC 2017. LNCS, vol. 10175, pp. 183–209. Springer, Heidelberg (2017). https://doi.org/10.1007/978-3-662-54388-7_7
  38. Jutla, C.S., Roy, A.: Switching lemma for bilinear tests and constant-size NIZK proofs for linear subspaces. In: Garay, J.A., Gennaro, R. (eds.) CRYPTO 2014. LNCS, vol. 8617, pp. 295–312. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-44381-1_17
  39. Kiltz, E., Pan, J., Wee, H.: Structure-preserving signatures from standard assumptions, revisited. In: Gennaro, R., Robshaw, M. (eds.) CRYPTO 2015. LNCS, vol. 9216, pp. 275–295. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-48000-7_14
  40. Kiltz, E., Wee, H.: Quasi-adaptive NIZK for linear subspaces revisited. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9057, pp. 101–128. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-46803-6_4
  41. Kurosawa, K., Desmedt, Y.: A new paradigm of hybrid encryption scheme. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 426–442. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-28628-8_26
  42. Libert, B., Joye, M., Yung, M., Peters, T.: Concise multi-challenge CCA-secure encryption and signatures with almost tight security. In: Sarkar, P., Iwata, T. (eds.) ASIACRYPT 2014. LNCS, vol. 8874, pp. 1–21. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-45608-8_1
  43. Libert, B., Peters, T., Joye, M., Yung, M.: Compactly hiding linear spans. In: Iwata, T., Cheon, J.H. (eds.) ASIACRYPT 2015. LNCS, vol. 9452, pp. 681–707. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-48797-6_28
  44. Libert, B., Peters, T., Yung, M.: Short group signatures via structure-preserving signatures: standard model security from simple assumptions. In: Gennaro, R., Robshaw, M. (eds.) CRYPTO 2015. LNCS, vol. 9216, pp. 296–316. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-48000-7_15
  45. Morillo, P., Ràfols, C., Villar, J.L.: The kernel matrix Diffie-Hellman assumption. In: Cheon, J.H., Takagi, T. (eds.) ASIACRYPT 2016. LNCS, vol. 10031, pp. 729–758. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-53887-6_27
  46. Ràfols, C.: Stretching Groth-Sahai: NIZK proofs of partial satisfiability. In: Dodis, Y., Nielsen, J.B. (eds.) TCC 2015. LNCS, vol. 9015, pp. 247–276. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-46497-7_10

Copyright information

© International Association for Cryptologic Research 2018

Authors and Affiliations

  • Romain Gay (1, 2)
  • Dennis Hofheinz (3)
  • Lisa Kohl (3)
  • Jiaxin Pan (3)
  1. Département d’informatique de l’ENS, École normale supérieure, CNRS, PSL Research University, Paris, France
  2. INRIA, Paris, France
  3. Karlsruhe Institute of Technology, Karlsruhe, Germany