Skip to main content
SpringerLink
Log in

Forward-Secure Linkable Ring Signatures

  • Conference paper
  • First Online:
Book cover Information Security and Privacy (ACISP 2018)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 10946))

Included in the following conference series:

Abstract

We present the first linkable ring signature scheme with both unconditional anonymity and forward-secure key update: a powerful tool which has direct applications in elegantly addressing a number of simultaneous constraints in remote electronic voting. We propose a comprehensive security model, and construct a scheme based on the hardness of finding discrete logarithms, and (for forward security) inverting bilinear or multilinear maps of moderate degree to match the time granularity of forward security. We prove efficient security reductions—which, of independent interest, apply to, and are much tighter than, linkable ring signatures without forward security, thereby vastly improving the provable security of these legacy schemes. If efficient multilinear maps should ever admit a secure realisation, our contribution would elegantly address a number of problems heretofore unsolved in the important application of (multi-election) practical internet voting. Even if multilinear maps never obtain, our minimal two-epoch construction instantiated from bilinear maps can be combinatorially boosted to synthesize a polynomial time granularity, which would be sufficient for internet voting and more.

X. Boyen—Supported as Australian Research Council Future Fellow, ARC grant FT140101145.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 84.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    The original linkable ring signatures of Liu et al. [18, 19] had proofs with losses exponential in the number of users, due to nested use of the forking lemma [23] on Pedersen commitments [22] in the random-oracle model. Our updated proofs and reductions are independent of the number of users, thanks to a single consolidated use of the forking lemma; and the same techniques directly apply to their construction.

  2. 2.

    In the UK there is a requirement that a judge be able to order a voter’s ballot revealed. Group signatures would be perfect for such subtle voter intimidation, though Continentals would of course disapprove.

  3. 3.

    In its standardasised version [2], Helios relies on a mixnet technique to distribute the election authority’s ability to deanonymise. Even for Helios implementations that use this technique, the ability to enforce anonymity in the authentication mechanism itself would provide stronger privacy guarantees.

  4. 4.

    Rate limitation in the context of authentication refers to an intentional bound on the number of uses, typically one, that can be made of a credential on a given target.

  5. 5.

    Our definations are fairly direct forward secure variants of Liu et al. [18].

  6. 6.

    The last two aspects are generalisations of the first two. We present them all because the standard variants use weaker assumptions than the forward-secure variants.

  7. 7.

    While it is possible for two different private keys to have the same public key, violating the assertion above, this would also break the Pedersen commitments and reveal the relationship between g and h. It is also possible for the hash function to collide. These events are assumed of negligible probability.

References

  1. Adida, B.: Helios: web-based open-audit voting. In: USENIX Security (2008)

    Google Scholar 

  2. Adida, B.: Helios v3 verification specs. Technical report, Helios Voting (2010)

    Google Scholar 

  3. Albrecht, M., Bai, S., Ducas, L.: A subfield lattice attack on overstretched NTRU assumptions. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016. LNCS, vol. 9814, pp. 153–178. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-53018-4_6

    Chapter  Google Scholar 

  4. Barak, B., Goldreich, O., Impagliazzo, R., Rudich, S., Sahai, A., Vadhan, S.P., Yang, K.: On the (im)possibility of obfuscating programs. J. ACM 59(2), 6 (2012)

    Article  MathSciNet  MATH  Google Scholar 

  5. Boneh, D., Silverberg, A.: Applications of multilinear forms to cryptography. Contemp. Math. 324(1), 71–90 (2003)

    Article  MathSciNet  MATH  Google Scholar 

  6. Boneh, D., Wu, D.J., Zimmerman, J.: Immunizing multilinear maps against zeroizing attacks. IACR Cryptol. ePrint Archive 2014, 930 (2014)

    Google Scholar 

  7. Chaum, D., van Heyst, E.: Group signatures. In: Davies, D.W. (ed.) EUROCRYPT 1991. LNCS, vol. 547, pp. 257–265. Springer, Heidelberg (1991). https://doi.org/10.1007/3-540-46416-6_22

    Chapter  Google Scholar 

  8. Cheon, J.H., Han, K., Lee, C., Ryu, H., Stehlé, D.: Cryptanalysis of the multilinear map over the integers. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9056, pp. 3–12. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-46800-5_1

    Chapter  Google Scholar 

  9. Cheon, J.H., Jeong, J., Lee, C.: An algorithm for NTRU problems and cryptanalysis of the GGH multilinear map without a low level encoding of zero. IACR Cryptol. ePrint Archive 19, 255–266 (2016)

    MathSciNet  MATH  Google Scholar 

  10. Coron, J.-S., Lepoint, T., Tibouchi, M.: Practical multilinear maps over the integers. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013. LNCS, vol. 8042, pp. 476–493. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-40041-4_26

    Chapter  Google Scholar 

  11. Cramer, R., Ducas, L., Peikert, C., Regev, O.: Recovering short generators of principal ideals in cyclotomic rings. In: Fischlin, M., Coron, J.-S. (eds.) EUROCRYPT 2016. LNCS, vol. 9666, pp. 559–585. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-49896-5_20

    Chapter  MATH  Google Scholar 

  12. Demirel, D., Van De Graaf, J., AraĂşjo, R.: Improving helios with everlasting privacy towards the public. In: Proceedings of eVOTE/Trustworthy Elections. USENIX (2012)

    Google Scholar 

  13. Fujisaki, E., Suzuki, K.: Traceable ring signature. In: Okamoto, T., Wang, X. (eds.) PKC 2007. LNCS, vol. 4450, pp. 181–200. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-71677-8_13

    Chapter  Google Scholar 

  14. Garg, S., Gentry, C., Halevi, S.: Candidate multilinear maps from ideal lattices. In: Johansson, T., Nguyen, P.Q. (eds.) EUROCRYPT 2013. LNCS, vol. 7881, pp. 1–17. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-38348-9_1

    Chapter  Google Scholar 

  15. Gentry, C., Gorbunov, S., Halevi, S.: Graph-induced multilinear maps from lattices. In: Dodis, Y., Nielsen, J.B. (eds.) TCC 2015. LNCS, vol. 9015, pp. 498–527. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-46497-7_20

    Chapter  Google Scholar 

  16. Hu, Y., Jia, H.: Cryptanalysis of GGH map. In: Fischlin, M., Coron, J.-S. (eds.) EUROCRYPT 2016. LNCS, vol. 9665, pp. 537–565. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-49890-3_21

    Chapter  Google Scholar 

  17. Langlois, A., Stehlé, D., Steinfeld, R.: GGHLite: more efficient multilinear maps from ideal lattices. In: Nguyen, P.Q., Oswald, E. (eds.) EUROCRYPT 2014. LNCS, vol. 8441, pp. 239–256. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-642-55220-5_14

    Chapter  Google Scholar 

  18. Liu, J.K., Au, M.H., Susilo, W., Zhou, J.: Linkable ring signature with unconditional anonymity. IEEE Trans. Knowl. Data Eng. 26(1), 157–165 (2014)

    Article  Google Scholar 

  19. Liu, J.K., Wei, V.K., Wong, D.S.: Linkable spontaneous anonymous group signature for Ad Hoc groups. In: Wang, H., Pieprzyk, J., Varadharajan, V. (eds.) ACISP 2004. LNCS, vol. 3108, pp. 325–335. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-27800-9_28

    Chapter  Google Scholar 

  20. Miles, E., Sahai, A., Zhandry, M.: Annihilation attacks for multilinear maps: cryptanalysis of indistinguishability obfuscation over GGH13. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016. LNCS, vol. 9815, pp. 629–658. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-53008-5_22

    Chapter  Google Scholar 

  21. Paneth, O., Sahai, A.: On the equivalence of obfuscation and multilinear maps. IACR Cryptol. ePrint Archive 2015, 791 (2015)

    Google Scholar 

  22. Pedersen, T.P.: Non-interactive and information-theoretic secure verifiable secret sharing. In: Feigenbaum, J. (ed.) CRYPTO 1991. LNCS, vol. 576, pp. 129–140. Springer, Heidelberg (1992). https://doi.org/10.1007/3-540-46766-1_9

    Chapter  Google Scholar 

  23. Pointcheval, D., Stern, J.: Security proofs for signature schemes. In: Maurer, U. (ed.) EUROCRYPT 1996. LNCS, vol. 1070, pp. 387–398. Springer, Heidelberg (1996). https://doi.org/10.1007/3-540-68339-9_33

    Chapter  Google Scholar 

  24. Rivest, R.L., Shamir, A., Tauman, Y.: How to leak a secret. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 552–565. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-45682-1_32

    Chapter  Google Scholar 

  25. Tsoukalas, G., Papadimitriou, K., Louridas, P., Tsanakas, P.: From helios to zeus. USENIX J. Elect. Technol. Syst. (JETS) 1, 1–17 (2013)

    Google Scholar 

  26. Zhandry, M.: Adaptively secure broadcast encryption with small system parameters. IACR Cryptol. ePrint Archive 2014, 757 (2014)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. QUT, Brisbane, Australia

    Xavier Boyen & Thomas Haines

  2. Polyas GmbH, Berlin, Germany

    Thomas Haines

Authors
  1. Xavier Boyen
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Thomas Haines
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Thomas Haines .

Editor information

Editors and Affiliations

  1. University of Wollongong, Wollongong, NSW, Australia

    Willy Susilo

  2. University of Wollongong, Wollongong, NSW, Australia

    Guomin Yang

Rights and permissions

Reprints and permissions

Copyright information

© 2018 Springer International Publishing AG, part of Springer Nature

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Boyen, X., Haines, T. (2018). Forward-Secure Linkable Ring Signatures. In: Susilo, W., Yang, G. (eds) Information Security and Privacy. ACISP 2018. Lecture Notes in Computer Science(), vol 10946. Springer, Cham. https://doi.org/10.1007/978-3-319-93638-3_15

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-93638-3_15

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-93637-6

  • Online ISBN: 978-3-319-93638-3

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation