Recent Advances in Attribute-Based Signatures

Abstract

Attribute-based signatures are an advanced signature primitive that allows a signer to prove the possession of attributes with minimum level of disclosure of his privacy. In particular, by issuing a signature, the singer can prove the possession of a set of attributes that satisfies some public policy, while hiding any further information on the attributes beyond the fact that the attributes satisfy the public policy. This primitive has many interesting applications, for example, anonymous credentials, attribute-based messaging, and secret leaking. There are two main performance measures of attribute-based signatures. The first is expressiveness of the policy, namely, the computational class with which the policy is described, while the other is the computational overhead, for example, the signature size. While initial schemes mainly tired to investigate a trade-off between expressiveness and computational overhead, recently the research moves to aiming at achieving very expressive policy. Such constructions includes the construction for non-monotone span programs as the policy, those for unbounded circuits from bilinear maps from lattices in the random oracle model, and from lattices in the standard model, those for Turing machines and nondeterministic finite automata, and that for unbounded arithmetic branching programs. Another direction in this research area is to extend the functionality of the attribute-based signature primitive. This direction includes constructing traceable attribute-based signatures, decentralized attribute-based signatures, decentralized traceable attribute-based signatures, and hierarchical attribute-based signatures. In this talk, we give a brief overview of the recent advances in the area of attribute-based signatures, pick up some of the recent schemes, and introduce the key techniques for these constructions.