University of Surrey

Test tubes in the lab Research in the ATI Dance Research

Hierarchical Attribute-Based Signatures: Short Keys and Optimal Signature Length

Gardham, Daniel and Manulis, Mark (2019) Hierarchical Attribute-Based Signatures: Short Keys and Optimal Signature Length In: International Conference on Applied Cryptography and Network Security.

4.pdf - Accepted version Manuscript

Download (445kB) | Preview


With Attribute-based Signatures (ABS) users can simultaneously sign messages and prove compliance of their attributes, issued by designated attribute authorities, with some verification policy. Neither signer’s identity nor possessed attributes are leaked during the verification process, making ABS schemes a handy tool for applications requiring privacy-preserving authentication. Earlier ABS schemes lacked support for hierarchical delegation of attributes (across tiers of attribute authorities down to the signers), a distinct property that has made traditional PKIs more scalable and widely adoptable. This changed recently with the introduction of Hierarchical ABS (HABS) schemes, where support for attribute delegation was proposed in combination with stronger privacy guarantees for the delegation paths (path anonymity) and new accountability mechanisms allowing a dedicated tracing authority to identify these paths (path traceability) and the signer, along with delegated attributes, if needed. Yet, current HABS construction is generic with inefficient delegation process resulting in sub-optimal signature lengths of order O(k2|Ψ|) where Ψ is the policy size and k the height of the hierarchy. This paper proposes a direct HABS construction in bilinear groups that significantly improves on these bounds and satisfies the original security and privacy requirements. At the core of our HABS scheme is a new delegation process based on the length-reducing homomorphic trapdoor commitments to group elements for which we introduce a new delegation technique allowing step-wise commitments to additional elements without changing the length of the original commitment and its opening. While also being of independent interest, this technique results in shorter HABS keys and achieves the signature-length growth of O(k|Ψ|) which is optimal due to the path-traceability requirement.

Item Type: Conference or Workshop Item (Conference Paper)
Divisions : Faculty of Engineering and Physical Sciences > Computer Science
Authors :
Date : 29 May 2019
Grant Title : EPSRC Grant
Copyright Disclaimer : © Springer Nature Switzerland AG 2019
Projects : TAPESTRY (ESRC Project)
Depositing User : James Marshall
Date Deposited : 28 Jan 2020 15:14
Last Modified : 28 Jan 2020 15:14

Actions (login required)

View Item View Item


Downloads per month over past year

Information about this web site

© The University of Surrey, Guildford, Surrey, GU2 7XH, United Kingdom.
+44 (0)1483 300800