Tracing-by-Linking Group Signatures

13 years 11 months ago
Tracing-by-Linking Group Signatures
In a group signature [19], any group member can sign on behalf of the group while remaining anonymous, but its identity can be traced in an future dispute investigation. Essentially all state-of-theart group signatures implement the tracing mechnism by requiring the signer to escrow its identity to an Open Authority (OA) [2, 14, 4, 25, 5, 7, 24]. We call them Tracing-by-Escrowing (TbE) group signatures. One drawback is that the OA also has the unnecessary power to trace without proper cause. In this paper we introduce Tracing-by-Linking (TbL) group signatures. The signer’s anonymity is irrevocable by any authority if the group member signs only once (per event). But if a member signs twice, its identity can be traced by a public algorithm without needing any trapdoor. We initiate the formal study of TbL group signatures by introducing its security model, constructing the first examples, and give several applications. Our core construction technique is the successful transplant of th...
Victor K. Wei
Added 28 Jun 2010
Updated 28 Jun 2010
Type Conference
Year 2005
Where ISW
Authors Victor K. Wei
Comments (0)