Affiliations: [a] School of Information Systems, Singapore Management University, Singapore. E-mail: xhding@smu.edu.sg | [b] Department of Information and Computer Science, University of California at Irvine, Irvine, CA, USA. E-mail: gts@ics.uci.edu | [c] Department of Computer Science, University of Texas at San Antonio, San Antonio, TX, USA. E-mail: shxu@cs.utsa.edu
Note: [1] An earlier version appeared in the Proceedings of IEEE ICDCS’04 [32].
Abstract: Group signatures are a useful cryptographic construct for privacy-preserving non-repudiable authentication, and there have been many group signature schemes. In this paper, we introduce a variant of group signatures that offers two new security properties called leak-freedom and immediate-revocation. Intuitively, the former ensures that an insider (i.e., an authorized but malicious signer) be unable to convince an outsider (e.g., a signature receiver) that she indeed signed a certain message; whereas the latter ensures that the authorization for a user to issue group signatures can be immediately revoked whenever the need arises (temporarily or permanently). These properties are not offered in existing group signature schemes, nor captured by their security definitions. However, these properties might be crucial to a large class of enterprise-centric applications because they are desirable from the perspective of the enterprises who adopt group signatures or are the group signatures liability-holders (i.e., will be held accountable for the consequences of group signatures). In addition to introducing these new security properties, we present a scheme that possesses both traditional and these newly introduced properties. Our scheme is constructed using an architectural approach where a mediation server is exploited to trade on-line communications for the extra security properties, which explains why the resulting scheme is called “leak-free mediated group signatures”.
