Group Signature with Deniability: How to Disavow a Signature.

Inspired by this problem, we propose the notion of a deniable group signature, where, with respect to a signature and a user, the authority can issue a proof showing that the specified user is NOT the ... Group signatures are a class of digital signatures with enhanced privacy. ... The adversary A os has two types of forgery, one is producing the valid group signature and its opening proofs of i and j which are both accepted by Judge and the other is producing the valid group signature ...

doi:10.1587/transfun.e100.a.1825 fatcat:n6rg267c2bf25aidwmnqjlw3g4

Inspired by this problem, we propose the notion of a deniable group signature, where, with respect to a signature and a user, the authority can issue a proof showing that the specified user is NOT the ... Group signatures are a class of digital signatures with enhanced privacy. ... The adversary A os has two types of forgery, one is producing the valid group signature and its opening proofs of i and j which are both accepted by Judge and the other is producing the valid group signature ...

doi:10.1007/978-3-319-48965-0_14 fatcat:gkiay2btgfb6tewexpxs7lkrf4

Compared with group signatures, a ring signature scheme needs no group manager or special setup and supports flexibility of group choice. ... At the other extreme, it does not allow the actual signer to prove their identity and gain recognition for their actions. A deniable ring signature is designed to overcome these disadvantages. ... However, group signatures require a group manager and every signer has to join the group. ...

doi:10.1007/s10207-018-0417-1 fatcat:ekdgzygahrgozku6assfcpnhkm

Deniable ring signature can be regarded as group signature without group manager, in which a singer is capable of singing a message anonymously, but, if necessary, each ring member is allowed to confirm ... In this work, we propose an efficient scheme with signature size logarithmic to the cardinality of the ring. From a high level, we adapt Libert et al.' ... In short, DRS can be regarded as a 'lightweight' group signature, i.e., group signature without the manager. ...

doi:10.3390/e23080980 fatcat:6caitjp3fbdtxh54r3gc4qmtne

DOAJ

In this paper, a new scheme is introduced to protect user privacy by a deniable CP_ABE(Cloud Provider_ Attribute Based Encryption) scheme which implements a cloud storage encryption plan. ... CSP-cloud storage providers offer storage as a service to all the users. It is a paid facility that allows association to outsource their confidential data to be stored on remote servers. ... To convert from the Composite order groups to Prime order groups there are a few strategies that can make good computational performance. ...

doi:10.35940/ijitee.j9614.0881019 fatcat:meyjmfobpff7dlcmmprwfzhqpy

can run the same protocols to confirm a valid DCS or disavow an invalid signature. ... However, there is one limit in most existing schemes: the signer is not given the ability to disavow invalid DCS signatures. ... in a multiplicative cyclic group G with prime order q. ...

doi:10.1007/978-3-642-25516-8_28 fatcat:sbskkhgoovfi7aktlbizrqomx4

As an application, we show how to break invisibility in undeniable signatures, how to sell votes in voting schemes, how to break anonymity in group/ring signatures, and how to carry on the Mafia fraud ... In a strong key registration model, deniability can be restored, but only at the price of using key escrow. ... A different way to enforce deniability of a signature is to use a group or ring signature [23] between the signing party and the verifier. ...

doi:10.1007/978-3-642-04138-9_29 fatcat:v6kakeadjfe4bh26pvlj2azrde

In this paper, we present a lightweight privacy-preserving ring signature scheme that is suitable for anonymous transactions and e-voting services run in an environment with constrained devices such as ... This work focuses on advanced cryptographic solutions based on ring signatures that provide anonymity to payment senders or to voters during e-voting. ... Ring signatures provide various properties (e.g. linkability, deniability, exculpability, disavowal) and security assumptions. For example, Wu et al. ...

doi:10.5220/0006890506920697 dblp:conf/icete/MalinaHDR18 fatcat:7kgmtx3z6ffehgxjmg3hsmesam

In this paper, we revisit nominative signatures, first introduced by Kim, Park and Won, which provides the functionality and security guarantees required to implement a certification system allowing the ... Hence, through our nominative signature scheme, we achieve an efficient non-transferable user certification scheme with strong security guarantees. ... Acknowledgement The first author is supported by a JSPS Fellowship for Young Scientists. ...

doi:10.1007/978-3-642-21554-4_24 fatcat:hxahyk6bsndutitlqe6xfni46a

to a competitor. ... The proposed scheme also allows the group manager to delegate the ability to confirm and deny to a limited set of parties without providing them the capability of generating signatures. ... Chaum and van Antwerpen [5] initiate an undeniable signature scheme in which anyone must interact with the signer to verify a valid signature and the signer can disavow an invalid signature through a ...

doi:10.1007/3-540-36552-4_4 fatcat:3mlopgphlzabnjt36p3f5whlqq

The current email system allows any attacker who gains access to your email to prove the authenticity of the stolen messages to third parties -- a property arising from a necessary anti-spam / anti-spoofing ... In this paper, we introduce "non-attributable email", which guarantees that a wide class of adversaries are unable to convince any third party of the authenticity of stolen emails. ... Acknowledgements We are grateful to Jon Callas for his in-depth review of the applicability of our scheme to DKIM, and to Dan Boneh, Daniel J. ...

arXiv:1904.06425v1 fatcat:fznsf63htnc6xb3poyrlj734zi

In undeni-able signature schemes, the signer may be blackmailed or bribed to confirm or disavow an alleged signature. ... a private confirmer key with a public confirmer key, (ii) an operation for signing messages, and (iii) a confirming operation for proving signatures valid (confirmation) or invalid (disavowal). ... It is not clear how to analyze the security of this algorithm. ...

doi:10.1007/978-1-4419-5906-5_568 fatcat:wly6ca3tv5e2pc2woejsoaoubm

Citation

Alex Biryukov, Christophe De Cannière, William E. Winkler, Charu C. Aggarwal, Markus Kuhn, Luc Bouganim, Yanli Guo, Bart Preneel, Gerrit Bleumer, Tor Helleseth, Ran Canetti, Mayank Varia, Christiane Peters, Burt Kaliski, Yvo Desmedt, George Kesidis, Marijke De Soete, Gerrit Bleumer, Berry Schoenmakers, Alex Biryukov, Carlisle Adams, Alex Biryukov, Eli Biham, Tom Caddy, Cynthia Dwork, Alex Biryukov, Mike Just, Matthieu Finiasz, Nicolas Sendrier, Kazue Sako, Philippe Gaborit, Nicolas Sendrier, Dan Boneh, Christian Cachin, Dan Gordon, Ninghui Li, Sabrina De Capitani di Vimercati, Marion Videau, Svetlana N. Yanushkevich, Denis V. Popel, Brent Byung Hoon Kang, John Ioannidis, Mihai Christodorescu, Vinod Ganapathy, Brent Byung Hoon Kang, Anurag Srivastava, Sean W. Smith. "Data Encryption Standard (DES)." Encyclopedia of Cryptography and Security (2011) 295-301

We describe a design for "one-way indexing" to provide plausibly-deniable content search and storage in a censorship resistant network without requiring out-of-band communication, making a file store searchable ... The fundamental requirement for censorship resistance is content discoverability-it should be easy for users to find and access documents, but not to discover what they store locally, to preserve plausible ... Acknowledgments The authors would like to thank Eric Myhre, Rob Jansen, James Tyra, and our anonymous reviewers for their help with an early version of this work. ...

fatcat:7t5kklgrzjcjlci4pkeyzmwv5i

We go on to repair the NIDV proofs of Jakobsson et al., producing secure NIDV proofs suited to combination with Chaum's original undeniable signature scheme resulting in a secure and efficient concrete ... There appears to be no formal security modelling for NIDV undeniable signatures or for NIDV proofs in general. ... Acknowledgements We would like to thank Steven Galbraith for valuable comments on this work. ...

doi:10.1007/11586821_10 fatcat:ub5u2vvlrzflperrso7ru6hxie

So, the digital signature can never be revealed to the verifier and this is where a digital signature of GDC becomes a security factor that can be used for user authentication. ... A GDC is a kind of Digital Certificate which contains user's public information and Digital signature which is issued and signed by the trusted Certificate Authority. ... Undeniable signatures solve this problem by adding a new component called the disavowal protocol in addition to the normal components of signature and verification. ...

doi:10.5120/16924-6762 fatcat:2yka5glzijh4lfzjg47deo2cxq

Group Signature with Deniability: How to Disavow a Signature

Preserved Fulltext

Group Signature with Deniability: How to Disavow a Signature [chapter]

Preserved Fulltext

Lattice-based deniable ring signatures

Preserved Fulltext

Lattice-Based Logarithmic-Size Non-Interactive Deniable Ring Signatures

Preserved Fulltext

Secure and Error-Free Data Storage on Cloud via Deniable CP-ABE Scheme

Preserved Fulltext

Designated Confirmer Signatures with Unified Verification [chapter]

Preserved Fulltext

On Tamper-Resistance from a Theoretical Viewpoint [chapter]

Preserved Fulltext

Lightweight Ring Signatures for Decentralized Privacy-preserving Transactions

Preserved Fulltext

Non-transferable User Certification Secure against Authority Information Leaks and Impersonation Attacks [chapter]

Preserved Fulltext

Convertible Group Undeniable Signatures [chapter]

Preserved Fulltext

KeyForge: Mitigating Email Breaches with Forward-Forgeable Signatures [article]

Preserved Fulltext

Data Encryption Standard (DES) [chapter]

Preserved Fulltext

One-way indexing for plausible deniability in censorship resistant storage

Preserved Fulltext

Non-interactive Designated Verifier Proofs and Undeniable Signatures [chapter]

Preserved Fulltext

A Novel Methodology for Secure Communications and Prevention of Forgery Attacks

Preserved Fulltext