🤖 AI Summary
Traditional group signature schemes struggle to simultaneously achieve flexible membership enrollment, privacy preservation, and accountability in scenarios such as visitor access in smart environments. To address this challenge, this work proposes a Sponsored Group Signature (SPGS) scheme featuring a two-tier membership structure: first-tier members can sponsor second-tier members to join the group, ensuring anonymity while holding sponsors accountable for the actions of those they endorse. The scheme further supports linkability of second-tier signatures to enable efficient oversight. We formalize the first security model for SPGS and present a generic construction based on dynamic group signatures, commitment schemes, and sound non-interactive zero-knowledge (NIZK) proofs, instantiated using IND-CPA secure public-key encryption. The practicality and efficiency of our approach are demonstrated through its successful deployment in an Anonymous Guest Access Token (AGAT) system for smart buildings.
📝 Abstract
Group signatures are privacy preserving signature schemes in which a group member can anonymously sign messages on behalf of the group, while providing accountability, by allowing the signature of a misbehaving group member be ``opened'' and the identity of the signer be revealed. In group signature members are admitted to the group by a (trusted) group manager. We motivate the need for a flexible mechanism in applications, such as privacy preserving access in smart environments, and propose a two-level member-join group signature that we call SPonsored Group Signature (SPGS) where group members of level 1 can ``sponsor'' new members, in level 2, to join the group. This relaxation of user join comes with additional accountability mechanisms: we require that the signature of a sponsored member can be opened to the identity of the sponsor (that is sponsor is responsible for the sponsored member), and while all signatures are anonymous, for the sponsored members, the signatures are linkable. This allows a sponsor to efficiently identify an undesirable sponsored member. We formalize SPGS scheme, define its security using a game-based approach, and give a generic construction of SPGS that uses a (dynamic) group signature scheme, a commitment scheme, and a knowledge-sound non-interactive zero knowledge proof of knowledge, and prove its security. We also give an instantiation of our construction. To show applicability of SPGS in practice, we consider the problem of providing guest access in a smart building, and introduce Anonymous Guest Access Token (AGAT) that allows a temporary guest to anonymously access (a subset of) the building resources. We show how SPGS can be used (together with an IND-CPA secure public key encryption scheme) to give a direct construction for AGAT, and show the efficiency of our guest access protocol when it is instantiated with existing schemes.