Attribute-Based Signatures with DNF Policies

  • Lee, Kwang-Su (Korea University, Graduate School of Information Management and Security) ;
  • Hwang, Jung-Yeon (Korea University, Graduate School of Information Management and Security) ;
  • Kim, Hyoung-Joong (Korea University, Graduate School of Information Management and Security) ;
  • Lee, Dong-Hoon (Korea University, Graduate School of Information Management and Security)
  • Published: 2009.01.25

Abstract

An attribute-based signature scheme is a signature scheme in which a signer's private key is associated with an attribute set and a signature is associated with an access structure. Attribute-based signature schemes are useful for providing signer anonymity and access control in role-based systems and attribute-based systems, where the identity of an object is represented as a set of roles or attributes. In this paper, we formally define attribute-based signature schemes and propose the first efficient attribute-based signature scheme that requires only a constant number of pairing operations for verification, where the policy is represented as a disjunctive normal form (DNF) formula. To obtain a provably secure construction, we introduce a new interactive assumption and prove that our construction is secure under the new interactive assumption in the random oracle model.
