1 / 46

Fuzzy Identity Based Signature

Fuzzy Identity Based Signature. Based on P Yang et al 2008 Kittipat Virochsiri. Introduction. What is it? Applications. What is it?. An Identity Based Signature scheme With some error tolerance A signature issued by a user with identity can be verified by another user with identity

mercia
Download Presentation

Fuzzy Identity Based Signature

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Fuzzy Identity Based Signature Based on P Yang et al 2008 KittipatVirochsiri

  2. Introduction What is it? Applications

  3. What is it? • An Identity Based Signature scheme • With some error tolerance • A signature issued by a user with identity can be verified by another user with identity • If and are within a certain distance judged by some metric

  4. Applications • Attribute-based signature • Biometric identity based signature

  5. Preliminaries Bilinear Pairing Computational Diffie-Hellman Threshold Secret Sharing Schemes

  6. Bilinear pairing • Let and be multiplicative groups of the same prime order • Bilinear pairing is a map with following properties: • Bilinear: , where and • Non-degeneracy: • Computability: It is efficient to compute for all

  7. Computational Diffie-Hellman (CDH) Challenger Adversary

  8. CDH Assumption • An adversary has at least advantage if: • The computational (t,) - DH assumption holds if no polynomial-time adversary has at least advantage in solving the game

  9. Threshold Secret Sharing Scheme

  10. Threshold Secret Sharing Scheme • Let: • be a finite field with elements • be the secret • Assign every player with a unique field element • Set of players , where can recover secret using

  11. Fuzzy Identity Based Signature (FIBS) scheme Consisted of 4 steps: Setup Extract Sign Verify

  12. FIBS schemes Setup Sign Extract Verify 0/1

  13. Security Model Unforgeable Fuzzy Identity Based Signature against Chosen-Message Attack (UF-FIBS-CMA)

  14. Security Model Signing Oracle Setup Adversary Private Key Oracle for

  15. Definition • ’s success probability is • The fuzzy identity based signature scheme FIBS is said to be UF-FIBS-CMA secure if is negligible in the security parameter

  16. The Scheme

  17. FIBS schemes Setup Sign Extract Verify invalid/valid 0/1

  18. Building Blocks • and are groups of the prime order • Bilinear pairing • is a generator of • Identities are sets of elements of

  19. Setup • Choose • Choose uniformly random from • Let be the set • Select a random integer • Select a random vector • Public parameters • Master key

  20. Extract • Choose a random degree polynomial such that • Return • is a random number from defined for all

  21. Sign • A bit string • Select a random for • Output

  22. Verify • where • Choose an arbitrary -element subset of • Verify

  23. Correctness check

  24. Security Proof

  25. Security Game Signing Oracle Setup Adversary Private Key Oracle for Simulator

  26. Theorem • Let be an adversary that makes at most signature queries and produces a successful forgery against the scheme with probability in time • Then there exists an algorithm that solves the CDH problem in with probability in time

  27. Setup • Select a random identity • Choose • A random number • Random numbers in the interval • Random exponents

  28. Setup • Let and • Choose • A random degree polynomial • An degree polynomial such that if and only if • for from to

  29. Private Key Oracle • Answer private key query on identity • Define , , • and

  30. Private Key Oracle • Define private key for • For • and are chosen randomly in • For

  31. Private Key Oracle • Define degree polynomial as • Let • For , it can be shown that

  32. Signing Oracle • Answer signature query on identity for some • If , then the simulator aborts • Select a random set

  33. Signing Oracle • For • is chosen randomly in • For

  34. Signing Oracle • Pick random , for • Compute

  35. Signing Oracle • For , it can be shown that

  36. Producing Forgery • Output a valid forgery on for identity • If or , then aborts.

  37. Producing Forgery • For some

  38. Producing Forgery • Select a random set such that and • Compute

  39. Solving CDH • could solve the CDH instance by outputting • The probability is

  40. Issues Privacy Capture and replay

  41. Privacy • No anonymity for signer

  42. Capture and replay • Only secure when forgery of identity can be detected

  43. Conclusion

  44. Conclusion • Allows identity to issue a signature that identity can verify • Provided that and are within some distance • Unforgeableagainst adaptively chosen message attack

  45. Thank you Question?

  46. References • Dan Boneh and Matthew K. Franklin. Identity-based encryption from the weil pairing. In CRYPTO ’01: Proceedings of the 21st Annual International Cryptography Conference on Advance in Cryptology, page 213-229, London, UK, 2001. Springer-Verlag. • Jin Li and Kwangjo Kim. Attribute-based ring signature. Cryptology ePrint Archive, Report 2008/394, 2008. • AmitSahai and Brent Waters. Fuzzy Identity-Based encryption. In Advance in Cryptography – EUROCRYPT 2005, page 457-473. 2005. • Siamak F Shahandashti and ReihanehSafavi-Naini. Threshold attribute-based signatures and their application to anonymous credential systems. Cryptology ePrint Archive, Report 2009/126, 2009. • Brent Waters. Efficient Identity-Based encryption without random oracles. In Advance in Cryptography – EUROCRYPT 2005, page 114-127. 2005. • Piyi Yang, Zhenfu Cao, and Xiaolei Dong. Fuzzy identity based signature. Cryptology ePrint Archive, Report 2008/002, 2008.

More Related