File Download

There are no files associated with this item.

  Links for fulltext
     (May Require Subscription)
Supplementary

Conference Paper: A Trustless GQ Multi-signature Scheme with Identifiable Abort

TitleA Trustless GQ Multi-signature Scheme with Identifiable Abort
Authors
KeywordsGuillou-Quisquater signature
Multi-signature
Zero-knowledge proof
Remove trusted setup
Issue Date2021
PublisherSpringer.
Citation
The 26th Australasian Conference on Information Security and Privacy (ACISP), Virtual Conference, Perth, WA, Australia, 1-3 December 2021. In Baek, J & Ruj, S (Eds.), Information Security and Privacy Conference Proceeding, p. 673-693 How to Cite?
AbstractGuillou-Quisquater (GQ) signature is an efficient RSA-based digital signature scheme amongst the most famous Fiat-Shamir follow-ons owing to its good simplicity. However, there exist two bottlenecks for GQ hindering its application in industry or academia: the RSA trapdoor n=pq in the key generation phase and its high bandwidth caused by the storage-consuming representation of RSA group elements (3072 bits per one element in 128-bit security). In this paper, we first formalize the definition and security proof of class group based GQ signature (CL-GQ), which eliminates the trapdoor in key generation phase and improves the bandwidth efficiency from the RSA-based GQ signature. Then, we construct a trustless GQ multi-signature scheme by applying non-malleable equivocable commitments and our well-designed compact non-interactive zero-knowledge proofs (NIZK). Our scheme has a well-rounded performance compared to existing multiparty GQ, Schnorr and ECDSA schemes, in the aspects of bandwidth (no range proof or multiplication-to-addition protocol required), rather few interactions (only 4 rounds in signing), provable security in dishonest majority model and identifiable abort property. Another interesting finding is that, our NIZK is highly efficient (only one round required) by using the Bezout formula, and this trick can also optimize the ZK proof of Paillier ciphertext which greatly improves the speed of Yi’s Blind ECDSA (AsiaCCS 2019).
Persistent Identifierhttp://hdl.handle.net/10722/311866
ISBN
ISI Accession Number ID
Series/Report no.Lecture Notes in Computer Science (LNSC): v. 13083

 

DC FieldValueLanguage
dc.contributor.authorCUI, H-
dc.contributor.authorYuen, TH-
dc.date.accessioned2022-04-01T09:14:14Z-
dc.date.available2022-04-01T09:14:14Z-
dc.date.issued2021-
dc.identifier.citationThe 26th Australasian Conference on Information Security and Privacy (ACISP), Virtual Conference, Perth, WA, Australia, 1-3 December 2021. In Baek, J & Ruj, S (Eds.), Information Security and Privacy Conference Proceeding, p. 673-693-
dc.identifier.isbn9783030905668-
dc.identifier.urihttp://hdl.handle.net/10722/311866-
dc.description.abstractGuillou-Quisquater (GQ) signature is an efficient RSA-based digital signature scheme amongst the most famous Fiat-Shamir follow-ons owing to its good simplicity. However, there exist two bottlenecks for GQ hindering its application in industry or academia: the RSA trapdoor n=pq in the key generation phase and its high bandwidth caused by the storage-consuming representation of RSA group elements (3072 bits per one element in 128-bit security). In this paper, we first formalize the definition and security proof of class group based GQ signature (CL-GQ), which eliminates the trapdoor in key generation phase and improves the bandwidth efficiency from the RSA-based GQ signature. Then, we construct a trustless GQ multi-signature scheme by applying non-malleable equivocable commitments and our well-designed compact non-interactive zero-knowledge proofs (NIZK). Our scheme has a well-rounded performance compared to existing multiparty GQ, Schnorr and ECDSA schemes, in the aspects of bandwidth (no range proof or multiplication-to-addition protocol required), rather few interactions (only 4 rounds in signing), provable security in dishonest majority model and identifiable abort property. Another interesting finding is that, our NIZK is highly efficient (only one round required) by using the Bezout formula, and this trick can also optimize the ZK proof of Paillier ciphertext which greatly improves the speed of Yi’s Blind ECDSA (AsiaCCS 2019).-
dc.languageeng-
dc.publisherSpringer.-
dc.relation.ispartofThe 26th Australasian Conference on Information Security and Privacy (ACISP), 2021-
dc.relation.ispartofseriesLecture Notes in Computer Science (LNSC): v. 13083-
dc.subjectGuillou-Quisquater signature-
dc.subjectMulti-signature-
dc.subjectZero-knowledge proof-
dc.subjectRemove trusted setup-
dc.titleA Trustless GQ Multi-signature Scheme with Identifiable Abort-
dc.typeConference_Paper-
dc.identifier.emailYuen, TH: johnyuen@hku.hk-
dc.identifier.authorityYuen, TH=rp02426-
dc.description.naturelink_to_subscribed_fulltext-
dc.identifier.doi10.1007/978-3-030-90567-5_34-
dc.identifier.hkuros332478-
dc.identifier.spage673-
dc.identifier.epage693-
dc.identifier.isiWOS:000766433400034-
dc.provenanceCham-

Export via OAI-PMH Interface in XML Formats


OR


Export to Other Non-XML Formats