Welcome to the resource topic for 2025/1752
Title:
Foundations of Dynamic Group Signatures: The Case of Malicious Openers and Issuers
Authors: Stephan Krenn, Kai Samelin, Daniel Slamanig
Abstract:Group signatures enable users to sign on behalf of a group while preserving anonymity, with accountability provided by a designated opener. The first rigorous model for dynamic groups (Bellare, Shi, Zhang, CT–RSA ‘05) captured anonymity, non-frameability, and traceability, later extended with trace-soundness (Sakai et al., PKC ‘12) and non-claimability (introduced as ``opening-soundness’’ by Bootle et al., ACNS '16 & JoC '20).
In practice, issuer and opener are often distinct entities, often implemented by different organizations and/or hardware modules. We therefore formalize and prove the consequences of a model that enforces their complete separation, allows key reuse across groups, treats issuer and opener as stateless, and makes both joining and opening non-interactive.
This separation makes it necessary to reformulate traceability against a corrupt issuer and to introduce three additional unforgeability notions-key-unforgeability, certificate-unforgeability, and opening-unforgeability-for the case of a corrupt opener. Following this line of reasoning, we also develop strengthened formulations of trace-soundness and non-claimability.
We prove that in this model the eight resulting properties are fully distinct: even the conjunction of any seven does not imply the eighth. This yields the first comprehensive map of group signature security in a stateless, reusable-key, and non-interactive framework, and formally demonstrates the impact of complete issuer–opener separation.
ePrint: https://eprint.iacr.org/2025/1752
See all topics related to this paper.
Feel free to post resources that are related to this paper below.
Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.
For more information, see the rules for Resource Topics .