Transitive Signatures from Braid Groups

  • Licheng Wang
  • Zhenfu Cao
  • Shihui Zheng
  • Xiaofang Huang
  • Yixian Yang
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4859)


Transitive signature is an interesting primitive due to Micali and Rivest. During the past years, many constructions of transitive signatures have been proposed based on various assumptions. In this paper, we provide the first construction of transitive signature schemes by using braid groups. In the random oracle model, our proposals are proved to be transitively unforgeable against adaptively chosen message attack under the assumption of the intractability of one-more matching conjugate problem (OM-MCP) over braid groups. Moreover, the proposed schemes are invulnerable to currently known quantum attacks.


Transitive signature braid group one-more matching conjugate problem provable security random oracle model 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Anshel, I., Anshel, M., Fisher, B., Goldfeld, D.: New Key Agreement Protocols in Braid Group Cryptography. In: Naccache, D. (ed.) CT-RSA 2001. LNCS, vol. 2020, pp. 13–27. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  2. 2.
    Anshel, I., Anshel, M., Goldfeld, D.: An algebraic method for public-key cryptography. Math. Research Letters 6, 287–291 (1999)zbMATHMathSciNetGoogle Scholar
  3. 3.
    Anshel, M.: Braid Group Cryptography and Quantum Cryptoanalysis. In: 8th International Wigner Symposium, May 27-30, 2003, GSUC-CUNY 365 Fifth Avenue, NY, NY 10016, USA (2003)Google Scholar
  4. 4.
    Bellare, M., Neven, G.: Transitive signaures based on factoring and RSA. In: Zheng, Y. (ed.) ASIACRYPT 2002. LNCS, vol. 2501, pp. 397–414. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  5. 5.
    Bellare, M., Neven, G.: Transitive signatures: New schemes and proofs. IEEE Transactions on Information Theory 51(6), 2133–2151 (2005)CrossRefMathSciNetGoogle Scholar
  6. 6.
    Bellare, M., Namprempre, C., Pointcheval, D., Semanko, M.: The One-More-RSA-Inversion Problems and the Security of Chaum’s Blind Signature Scheme. Journal of Cryptology 16(3), 185–215 (2003)zbMATHCrossRefMathSciNetGoogle Scholar
  7. 7.
    Cha, J.C., Ko, K.H., Lee, S.J., Han, J.W., Cheon, J.H., et al.: An efficient implementation of braid groups. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 144–156. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  8. 8.
    Cheon, J.H., Jun, B.: A Polynomial Time Algorithm for the Braid Diffie-Hellman Conjugacy Problem. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 212–225. Springer, Heidelberg (2003)Google Scholar
  9. 9.
    Dehornoy, P.: Braid-based cryptography. Contemp. Math., Amer. Math. Soc. 360, 5–33 (2004)MathSciNetGoogle Scholar
  10. 10.
    Elrifai, E., Morton, H.R.: Algorithms for positive braids. Quart. J. Math. Oxford Ser. 45(2), 479–497 (1994)zbMATHCrossRefMathSciNetGoogle Scholar
  11. 11.
    Franco, N., Gonzales-Menses, J.: Conjugacy problem for braid groups and garside groups. Journal of Algebra 266, 112–132 (2003)zbMATHCrossRefMathSciNetGoogle Scholar
  12. 12.
    Gebhardt, V.: A new approach to the conjugacy problem in garside groups. Journal of Algebra 292, 282–302 (2005)zbMATHCrossRefMathSciNetGoogle Scholar
  13. 13.
    Gonzales-Meneses, J.: Improving an algorithm to solve the multiple simultaneous conjugacy problems in braid groups, Preprint, math.GT/0212150 (2002)Google Scholar
  14. 14.
    Huang, Z.-J., Hao, Y.-H., Wang, Y.-M., Chen, K.-F.: Efficient directed transitive signature scheme. Acta Electronica Sinica 33(8), 1497–1501 (2005)Google Scholar
  15. 15.
    Hughes, J.: The left SSS attack on Ko-Lee-Cheon-Han-Kang-Park key agreement scheme in B45, Rump session Crypto (2000)Google Scholar
  16. 16.
    Hughes, J.: A linear algebraic attack on the AAFG1 braid group cryptosystem. In: Batten, L.M., Seberry, J. (eds.) ACISP 2002. LNCS, vol. 2384, pp. 176–189. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  17. 17.
    Kitaev, A.: Quantum measurements and the abelian stabilizer problem. Preprint, quant-ph/9511026 (1995)Google Scholar
  18. 18.
    Ko, K.H., Choi, D.H., Cho, M.S., Lee, J.W.: New signature scheme using conjugacy problem (preprint 2002),
  19. 19.
    Ko, K.H., Lee, S.J., Cheon, J.H., Han, J.W.: New public-key cryptosystem using braid groups. In: Bellare, M. (ed.) CRYPTO 2000. LNCS, vol. 1880, pp. 166–183. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  20. 20.
    Ko, K.H., Lee, J.W., Thomas, T.: Towards generating secure keys for braid cryptography, Designs, Codes and Cryptography (to appear, 2007)Google Scholar
  21. 21.
    Kuwakado, H., Tanaka, H.: Transitive Signature Scheme for Directed Trees. IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences E86-A(5), 1120–1126 (2003)Google Scholar
  22. 22.
    Lee, E.: Braig groups in cryptography. IEICE Trans. Fundamentals E87-A(5), 986–992 (2004)Google Scholar
  23. 23.
    Lee, E., Lee, S.-J., Hahn, S.-G.: Pseudorandomness from Braid Groups. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 486–502. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  24. 24.
    Magliveras, S., Stinson, D., van Trung, T.: New approaches to designing public key cryptosystems using one-way functions and trapdoors in finite groups. Journal of Cryptography 15, 285–297 (2002)zbMATHCrossRefGoogle Scholar
  25. 25.
    Micali, S., Rivest, R.L.: Transitive signaure schemes. In: Preneel, B. (ed.) CT-RSA 2002. LNCS, vol. 2271, pp. 236–243. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  26. 26.
    Myasnikov, A., Shpilrain, V., Ushakov, A., Practical, A.: Attack on a Braid Group Based Cryptographic Protocol. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 86–96. Springer, Heidelberg (2005)Google Scholar
  27. 27.
    Proos, J., Zalka, C.: Shors discrete logarithm quantum algorithm for elliptic curves. Quantum Information and Computation 3, 317–344 (2003)MathSciNetGoogle Scholar
  28. 28.
    Shahandashti, S.F., Salmasizadeh, M., Mohajeri, J.: A provably secure short transitive signature scheme from bilinear group Pairs. In: Blundo, C., Cimato, S. (eds.) SCN 2004. LNCS, vol. 3352, pp. 60–76. Springer, Heidelberg (2005)Google Scholar
  29. 29.
    Shor, P.: Polynomail-time algorithms for prime factorization and discrete logarithms on a quantum computer. SIAM J. Comput. 5, 1484–1509 (1997)CrossRefMathSciNetGoogle Scholar
  30. 30.
    Wang, L.: PhD. Disseration. Shanghai Jiao Tong University (June 2007)Google Scholar
  31. 31.
    Wang, L., Cao, Z., Zeng, P., Li, X.: One-more matching conjugate problem and security of braid-based signatures. In: ASIACCS 2007, pp. 295–301. ACM, New York (2007)Google Scholar
  32. 32.
    Warren Jr., Henry, S.: A modification of Warshall’s algorithm for the transitive closure of binary relations. Communications of the ACM 18(4), 218–220 (1975)CrossRefGoogle Scholar
  33. 33.
    Yi, X.: Directed transitive signature scheme. In: Abe, M. (ed.) CT-RSA 2007. LNCS, vol. 4377, pp. 129–144. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  34. 34.
    Yi, X., Tan, C.-H., Okamoto, E.: Security of Kuwakado-Tanaka transitive signature scheme for directed trees. IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences E87-A(4), 955–957 (2004)Google Scholar
  35. 35.
    Zhu, H.: Model for undirected transitive signatures. IEE Proceedings: Communications 151(4), 312–315 (2004)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2007

Authors and Affiliations

  • Licheng Wang
    • 1
  • Zhenfu Cao
    • 2
  • Shihui Zheng
    • 1
  • Xiaofang Huang
    • 1
  • Yixian Yang
    • 1
  1. 1.Information Security Center, State Key Laboratory of Networking and Switching, Technology, Beijing University of Posts and Telecommunications, Beijing 100876P.R. China
  2. 2.Dept. Computer Science and Engineering, Shanghai Jiao Tong University, Shanghai 200240P.R. China

Personalised recommendations