New cryptographic primitives with applications to information privacy and corporate confidentiality

This thesis describes the construction of three new cryptographic primitives for data authentication that simultaneously provide strong security and confidentiality guarantees, namely on-line group signatures, trapdoor-free group signature schemes and identity-based chameleon hashes. These novel primitives are useful in a myriad of contexts where systems process sensitive information.; On-line group signatures are discussed in chapter 3, including a design using off-the-shelf cryptographic primitives available in standard cryptographic libraries. That chapter also describes an application of on-line group signatures to an electronic prescription processing system that protects the privacy of both patients and doctors. Chapter 4 describes the first construction of practical trapdoor-free group signature schemes---since the introduction of group signatures in 1991 [42], all compact constructions had relied on the group manager having knowledge of the trapdoor information. Trapdoor-free group signatures are useful in cross-organizational transaction processing systems, where users need to authenticate themselves as belonging to more than one group. They provide privacy, accountability and ease of interoperability. In chapter 5, an electronic auction scheme is described that incorporates identity-based chameleon hashes to provide protection against unauthorized disclosure of sealed bids. Identity-based chameleon hashing provides a new approach to identity-based cryptography with minimal requirements of interaction with the trusted party---in particular, unlike other identity-based primitives, it does not require the user to retrieve the secret key in most cases.