Succinct Attribute-Based Signatures for Bounded-Size Circuits by Combining Algebraic and Arithmetic Proofs
Attribute-based signatures allow fine-grained attribute-based authentication and at the same time keep a signer’s privacy as much as possible. While there are constructions of attribute-based signatures allowing arbitrary circuits or Turing machines as an authentication policy, none of them is pract...
Saved in:
| Published in | Security and Cryptography for Networks pp. 711 - 734 |
|---|---|
| Main Author | |
| Format | Book Chapter |
| Language | English |
| Published |
Cham
Springer International Publishing
2022
|
| Series | Lecture Notes in Computer Science |
| Online Access | Get full text |
| ISBN | 9783031147906 3031147901 |
| ISSN | 0302-9743 1611-3349 |
| DOI | 10.1007/978-3-031-14791-3_31 |
Cover
Loading…
| Abstract | Attribute-based signatures allow fine-grained attribute-based authentication and at the same time keep a signer’s privacy as much as possible. While there are constructions of attribute-based signatures allowing arbitrary circuits or Turing machines as an authentication policy, none of them is practically very efficient. Some schemes have long signatures or long user secret keys which grow as the sizes of a policy or attributes grow. Some scheme relies on a vast Karp reduction which transforms public-key and secret-key operations into an arithmetic circuit. We propose an attribute-based signature scheme for bounded-size arbitrary arithmetic circuits with constant-size signatures and user secret keys without relying on such a Karp reduction. The scheme is based on bilinear groups and is proven secure in the generic bilinear group model. To achieve this we develop a new extension of SNARKs (succinct non-interactive arguments of knowledge). We formalize this extension as constrained SNARKs, which can be seen as a simplification of commit-and-prove SNARKs both in syntax and technique. In a constrained SNARK, one can force a prover to use a witness satisfying some constraint by announcing a succinct constraint string which encodes a constraint on a witness. If a proof is valid under some constraint string, it is ensured that the witness behind the proof satisfies the constraint that is behind the constraint string. By succinct, we mean that a constraint string has a constant length independent of the length of the plain description of the constraint, and notably a verifier need not know the (potentially long) plain description of the constraint for verifying a proof. We construct a constrained SNARK in the generic bilinear group model. |
|---|---|
| AbstractList | Attribute-based signatures allow fine-grained attribute-based authentication and at the same time keep a signer’s privacy as much as possible. While there are constructions of attribute-based signatures allowing arbitrary circuits or Turing machines as an authentication policy, none of them is practically very efficient. Some schemes have long signatures or long user secret keys which grow as the sizes of a policy or attributes grow. Some scheme relies on a vast Karp reduction which transforms public-key and secret-key operations into an arithmetic circuit. We propose an attribute-based signature scheme for bounded-size arbitrary arithmetic circuits with constant-size signatures and user secret keys without relying on such a Karp reduction. The scheme is based on bilinear groups and is proven secure in the generic bilinear group model. To achieve this we develop a new extension of SNARKs (succinct non-interactive arguments of knowledge). We formalize this extension as constrained SNARKs, which can be seen as a simplification of commit-and-prove SNARKs both in syntax and technique. In a constrained SNARK, one can force a prover to use a witness satisfying some constraint by announcing a succinct constraint string which encodes a constraint on a witness. If a proof is valid under some constraint string, it is ensured that the witness behind the proof satisfies the constraint that is behind the constraint string. By succinct, we mean that a constraint string has a constant length independent of the length of the plain description of the constraint, and notably a verifier need not know the (potentially long) plain description of the constraint for verifying a proof. We construct a constrained SNARK in the generic bilinear group model. |
| Author | Sakai, Yusuke |
| Author_xml | – sequence: 1 givenname: Yusuke orcidid: 0000-0002-5115-8292 surname: Sakai fullname: Sakai, Yusuke email: yusuke.sakai@aist.go.jp |
| BookMark | eNo1kEtOwzAURQ0UibZ0BwyyAYPtl489TCN-UiWQChIzK3bs4tImyHYGsJqupSsjLTB6uh9dPZ0JGrVdaxC6ouSaElLciIJjwAQopmkhKAYJ9ARNYHCOxtspGtOcDgGk4gzNhv5_RvIRGhMgDIsihQs0C2FNCGEFgKAwRttlr7VrdUzKGL1TfTR4XgfTJEu3auvYexMS2_n9bt71bWMavHTfJqmc172LIVFf-13VbZVrXbtKys3KKF87ndRts9-V3sX3rYmDfvZdZ8MlOrf1JpjZ352i17vbl-oBL57uH6tygdcsTyNWCoRljHOaK52lRHEG1LIss5YzmnFaFEITlmreZLrOcqoYYQRSEIpbajOYIva7Gz798JfxUnXdR5CUyANQOQCSIAdE8shPHoDCDyIZaJU |
| ContentType | Book Chapter |
| Copyright | The Author(s), under exclusive license to Springer Nature Switzerland AG 2022 |
| Copyright_xml | – notice: The Author(s), under exclusive license to Springer Nature Switzerland AG 2022 |
| DOI | 10.1007/978-3-031-14791-3_31 |
| DatabaseTitleList | |
| DeliveryMethod | fulltext_linktorsrc |
| Discipline | Mathematics Computer Science |
| EISBN | 303114791X 9783031147913 |
| EISSN | 1611-3349 |
| Editor | Galdi, Clemente Jarecki, Stanislaw |
| Editor_xml | – sequence: 1 givenname: Clemente orcidid: 0000-0002-2988-700X surname: Galdi fullname: Galdi, Clemente email: clgaldi@unisa.it – sequence: 2 givenname: Stanislaw orcidid: 0000-0002-5055-2407 surname: Jarecki fullname: Jarecki, Stanislaw email: stasio@ics.uci.edu |
| EndPage | 734 |
| GroupedDBID | -DT -GH -~X 1SB 29L 2HA 2HV 5QI 875 AASHB ABMNI ACGFS ADCXD AEFIE ALMA_UNASSIGNED_HOLDINGS EJD F5P FEDTE HVGLF LAS LDH P2P RIG RNI RSU SVGTG VI1 ~02 |
| ID | FETCH-LOGICAL-j264t-bb39f228816bc540b8231f255ff821581779c024c8d5ca561b20203439b8f1f53 |
| ISBN | 9783031147906 3031147901 |
| ISSN | 0302-9743 |
| IngestDate | Tue Jul 29 20:22:00 EDT 2025 |
| IsPeerReviewed | true |
| IsScholarly | true |
| Language | English |
| LinkModel | OpenURL |
| MergedId | FETCHMERGED-LOGICAL-j264t-bb39f228816bc540b8231f255ff821581779c024c8d5ca561b20203439b8f1f53 |
| ORCID | 0000-0002-5115-8292 |
| PageCount | 24 |
| ParticipantIDs | springer_books_10_1007_978_3_031_14791_3_31 |
| PublicationCentury | 2000 |
| PublicationDate | 2022 |
| PublicationDateYYYYMMDD | 2022-01-01 |
| PublicationDate_xml | – year: 2022 text: 2022 |
| PublicationDecade | 2020 |
| PublicationPlace | Cham |
| PublicationPlace_xml | – name: Cham |
| PublicationSeriesTitle | Lecture Notes in Computer Science |
| PublicationSeriesTitleAlternate | Lect.Notes Computer |
| PublicationSubtitle | 13th International Conference, SCN 2022, Amalfi (SA), Italy, September 12–14, 2022, Proceedings |
| PublicationTitle | Security and Cryptography for Networks |
| PublicationYear | 2022 |
| Publisher | Springer International Publishing |
| Publisher_xml | – name: Springer International Publishing |
| RelatedPersons | Hartmanis, Juris Gao, Wen Steffen, Bernhard Bertino, Elisa Goos, Gerhard Yung, Moti |
| RelatedPersons_xml | – sequence: 1 givenname: Gerhard surname: Goos fullname: Goos, Gerhard – sequence: 2 givenname: Juris surname: Hartmanis fullname: Hartmanis, Juris – sequence: 3 givenname: Elisa surname: Bertino fullname: Bertino, Elisa – sequence: 4 givenname: Wen surname: Gao fullname: Gao, Wen – sequence: 5 givenname: Bernhard orcidid: 0000-0001-9619-1558 surname: Steffen fullname: Steffen, Bernhard – sequence: 6 givenname: Moti orcidid: 0000-0003-0848-0873 surname: Yung fullname: Yung, Moti |
| SSID | ssj0002733913 ssj0002792 |
| Score | 2.2482076 |
| Snippet | Attribute-based signatures allow fine-grained attribute-based authentication and at the same time keep a signer’s privacy as much as possible. While there are... |
| SourceID | springer |
| SourceType | Publisher |
| StartPage | 711 |
| Title | Succinct Attribute-Based Signatures for Bounded-Size Circuits by Combining Algebraic and Arithmetic Proofs |
| URI | http://link.springer.com/10.1007/978-3-031-14791-3_31 |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |
| link | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwnV29btswECZcd0k7tE1btOkPODSToUKiLFEaOjhGiiBIvDgp0kkQKSpV0ziBLQ3O2Cfxs_jJetSRkuxkSRfBlgxRPn46fnfHuyPkC-dZALoxc1Q6jMFAyeCd85hwlGJcuiJzw7pk_ukkPDofHl8EF73e386upaoUX-Xdg3kl_zOrcA7mVWfJPmJmm5vCCfgM8wtHmGE4bpHfTTcr5nCYznO1-388X96Wpvp0vXNwgtu7G8Y8Ta-w8fTPalFdbSBlWklZzGQ5GJXY_ko5B7C2AREtLrHuZ12zYX_M9kfugW7DpDJnWtypwbiYy0pHHsQSr4J2EQV6Wv5c6pA0VoPFiyN42l_XOmlSpyfA4osaTVdaXnw7MbGMyU1ZbxEb2HYTVvt03ROMbbknrHtyy8HZ-tg27FlYT8E-47EbdtSgDzobrB5UgwrVdKiLL_pY7NSoXm6UNq7iHF2k9xaI7p4QGMzRo8GtEp2K_4RHQZ88HR0en_xo_HRA7_w6krtjv8cmMoVPpfOF7FN7WNGp_RedXM2HhrwXfa9JzdlL8lwnulCdgQJCe0V6arZLXli5UyP3XfLstCntu3hNri1c6BZcaAsXCnBZr7pQoRYqVCzXqwYmtIEJBZisVy1EKELkDTn_fng2PnJMzw7nN1Dr0hHCj3PGosgLhQRrQOgwcw52a55HwC4jj_NYAi-UURbIFMi7YDoWDrRYRLmXB_5b0p_dzNQ7QnMw5bkrQ5753tBVQqQq9XMxDBl3U5Gz92RgpZfot3CR2BLcIOvET0DWSS3rRMt671G__kB2WjB_JP1yXqlPwD5L8dkA5B-3B37y |
| linkProvider | Library Specific Holdings |
| openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=bookitem&rft.title=Security+and+Cryptography+for+Networks&rft.au=Sakai%2C+Yusuke&rft.atitle=Succinct+Attribute-Based+Signatures+for%C2%A0Bounded-Size+Circuits+by%C2%A0Combining+Algebraic+and%C2%A0Arithmetic+Proofs&rft.series=Lecture+Notes+in+Computer+Science&rft.date=2022-01-01&rft.pub=Springer+International+Publishing&rft.isbn=9783031147906&rft.issn=0302-9743&rft.eissn=1611-3349&rft.spage=711&rft.epage=734&rft_id=info:doi/10.1007%2F978-3-031-14791-3_31 |
| thumbnail_l | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/lc.gif&issn=0302-9743&client=summon |
| thumbnail_m | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/mc.gif&issn=0302-9743&client=summon |
| thumbnail_s | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/sc.gif&issn=0302-9743&client=summon |