Paper 2010/587
Group Message Authentication
Bartosz Przydatek and Douglas Wikström
Abstract
Group signatures is a powerful primitive with many practical applications, allowing a group of parties to share a signature functionality, while protecting the anonymity of the signer. However, despite intensive research in the past years, there is still no fully satisfactory implementation of group signatures in the plain model. The schemes proposed so far are either too inefficient to be used in practice, or their security is based on rather strong, non-standard assumptions. We observe that for some applications the full power of group signatures is not necessary. For example, a group signature can be verified by any third party, while in many applications such a universal verifiability is not needed or even not desired. Motivated by this observation, we propose a notion of \emph{group message authentication}, which can be viewed as a relaxation of group signatures. Group message authentication enjoys the group-oriented features of group signatures, while dropping some of the features which are not needed in many real-life scenarios. An example application of group message authentication is an implementation of an \emph{anonymous} credit card. We present a generic implementation of group message authentication, and also propose an efficient concrete implementation based on standard assumptions, namely strong RSA and DDH.
Metadata
- Available format(s)
- Category
- Public-key cryptography
- Publication info
- Published elsewhere. Conference version appeared at Conference on Security and Cryptography for Networks 2010 (SCN 2010)
- Contact author(s)
- dog @ csc kth se
- History
- 2010-11-20: received
- Short URL
- https://ia.cr/2010/587
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2010/587, author = {Bartosz Przydatek and Douglas Wikström}, title = {Group Message Authentication}, howpublished = {Cryptology {ePrint} Archive, Paper 2010/587}, year = {2010}, url = {https://eprint.iacr.org/2010/587} }