Abstract
In this paper, we introduce P-signatures. A P-signature scheme consists of a signature scheme, a commitment scheme, and (1) an interactive protocol for obtaining a signature on a committed value; (2) a non − interactive proof system for proving that the contents of a commitment has been signed; (3) a noninteractive proof system for proving that a pair of commitments are commitments to the same value. We give a definition of security for P-signatures and show how they can be realized under appropriate assumptions about groups with a bilinear map. We make extensive use of the powerful suite of non-interactive proof techniques due to Groth and Sahai. Our P-signatures enable, for the first time, the design of a practical non-interactive anonymous credential system whose security does not rely on the random oracle model. In addition, they may serve as a useful building block for other privacy-preserving authentication mechanisms.
| Original language | English |
|---|---|
| Title of host publication | Theory of Cryptography, Fifth Theory of Cryptography Conference, TCC 2008, New York, USA, March 19-21, 2008. |
| Publisher | Springer |
| Pages | 356-374 |
| Number of pages | 19 |
| ISBN (Electronic) | 978-3-540-78524-8 |
| ISBN (Print) | 978-3-540-78523-1 |
| DOIs | |
| Publication status | Published - 2008 |
| Event | Fifth IACR Theory of Cryptography Conference - Courant Institute of Mathematical Sciences, New York University, New York, United States Duration: 19 Mar 2008 → 21 Mar 2008 https://www.iacr.org/workshops/tcc2008/ |
Conference
| Conference | Fifth IACR Theory of Cryptography Conference |
|---|---|
| Abbreviated title | TCC 2008 |
| Country/Territory | United States |
| City | New York |
| Period | 19/03/08 → 21/03/08 |
| Internet address |