International Association for Cryptologic Research

International Association
for Cryptologic Research

CryptoDB

Changshe Ma

Publications

Year
Venue
Title
2016
PKC
2008
EPRINT
Democratic Group Signatures with Threshold Traceability
Recently, democratic group signatures(DGSs) particularly catch our attention due to their great flexibilities, \emph{i.e}., \emph{no group manager}, \emph{anonymity}, and \emph{individual traceability}. In existing DGS schemes, individual traceability says that any member in the group can reveal the actual signer's identity from a given signature. In this paper, we formally describe the definition of DGS, revisit its security notions by strengthening the requirement for the property of traceability, and present a concrete DGS construction with $(t, n)$-\emph{threshold traceability} which combines the concepts of group signatures and of threshold cryptography. The idea behind the $(t, n)$-threshold traceability is to distribute between $n$ group members the capability of tracing the actual signer such that any subset of not less than $t$ members can jointly reconstruct a secret and reveal the identity of the signer while preserving security even in the presence of an active adversary which can corrupt up to $t-1$ group members.
2007
EPRINT
Fast Digital Signature Schemes as Secure as Diffie-Hellman Assumptions
Changshe Ma Jian Weng Dong Zheng
This paper presents two fast digital signature schemes based on Diffie-Hellman assumptions. In the random oracle model, the first scheme S1 has a tight security reduction to the computational Diffie-Hellman (CDH) problem; and the second scheme S2 has a tight security reduction to the decisional Diffie-Hellman (DDH) problem. Comparing with existing signature schemes (whose security is tightly related to CDH problem) like EDL signature schemes, the signature generation of S1 is about 27% faster, and the verification is about 35% faster, if without considering the hash function evaluations. Comparing with existing signature schemes (whose security is tightly related to DDH problem) like KW-DDH signature scheme, the signing of S2 is about 40% faster and the verification is about 35% faster. The high efficiency of the proposed schemes is attributed to a new protocol EDL_mwz which implements the proof of equality of discrete logarithm. The EDL_mwz protocol outperforms its counterpart, the Chaum and Pedersen protocol, as its computation is about 38% faster and its bandwidth is |G| bits shorter. This new protocol may be of independent interests.