Home // SnT // News & E... // PhD Defense: Attribute-Based Signatures with Traceability and Verifiable Controllable Linkability

PhD Defense: Attribute-Based Signatures with Traceability and Verifiable Controllable Linkability

twitter linkedin facebook email this page
Add to calendar
Speaker: Mr. José Miguel Perez Urquidi
Event date: Monday, 10 October 2016 10:00 am - 01:00 pm
Place: Weicker Building - Room B001

Members of the defense committee:

  • Prof. Dr. Jean-Sebastien Coron, Université du Luxembourg, chairman
  • Dr. Feng Hao, Newcastle University, vice-chairman
  • Prof. Dr. Peter Y.A. Ryan, Université du Luxembourg, supervisor
  • Dr. Liqun Chen, Hewlett Packard labs, member
  • Dr. Jean Lancrenon, Université du Luxembourg, member

Abstract: In traditional digital signature schemes, the recipient of a signature is convinced that a particular signer, associated with some identity, has authenticated the received message. Attribute-Based Signatures (ABS) were first proposed by Maji et al., in which messages are signed with respect to a signing policy expressed as a predicate. In an ABS scheme a valid signature can be generated only if the signer possesses enough attributes to satisfy the predicate. This signature does not reveal the identity of the signer nor the attributes she used to satisfy the predicate. Hence, the recipient is instead convinced that some signer possessing enough attributes to satisfy the predicate has authenticated the message, as opposed to a particular identity.

When designing ABS schemes, there are various alternatives. There are perfectly private and unlinkable ABS schemes. One may consider schemes in which only trusted entities can determine the linkability of two signatures, while not being able to identify the signer, known as linking. Also, one may consider schemes where the trusted entities can determine the author of the signature, known as tracing or traceability. A scheme providing elaborate privacy controls could allow certain trusted entities only linking, while permitting other entities full tracing capabilities.

Further, there are two approaches to achieve linkability of signatures. In one approach, known as user-controlled linkability, the signer decides if her signatures are linkable or unlinkable, and such may be verified publicly. In another approach known as controllable linkability, only trusted entities may determine links amongst signatures.

The cases of traceability and user-controlled linkability have been covered in the literature. The PhD thesis reviews these previous schemes, and covers in detail their building blocks, zero-knowledge proofs, and the Groth-Sahai proof system. Then, this thesis introduces new cryptographic schemes, covering the cases of an ABS with controllable linkability, and an ABS scheme supporting both linkability and traceability simultaneously.

Finally, we inquire regarding the level of trust in the tracing and linking authorities. In traceability the tracing authority is partially trusted, and is demanded to provide a proof of the opening of the signature. On the other hand, in the literature regarding controllable linkability, the dedicated linking authority is fully trusted, which may not always be suitable. This thesis presents a scheme supporting this feature, namely ABS with verifiable controllable linkability, where the linking authority is required to provide a proof of the link of two signatures.