@Misc{AHR05a, author = { Ben Adida and Susan Hohenberger and Ronald L. Rivest }, title = { Ad-Hoc Group Signatures from Hijacked Keypairs }, howpublished = { Unpublished draft. A preliminary version was presented by Ben Adida at the April 14--15, 2005 DIMACS Workshop on Theft in E-Commerce. }, date = { 2005-06-24 }, OPTmonth = { June 24, }, OPTyear = { 2005 }, eventtitle = { DIMACS Workshop on Theft in E-Commerce: Content, Identity, and Service }, eventdate = { 2005-04-14/2005-04-15 }, venue = { Rutgers, Piscataway, New Jersey }, organizers = { Drew Dean and Markus Jakobsson }, urla = { workshop }, abstract = { Ad-hoc-group signatures enable an individual to sign on behalf of a group without requiring prior group membership setup. Such signatures are used to provide credibility -- the signer must be one of the group members -- combined with some degree of anonymity -- the identity of the signer within the group cannot be determined. Thus, in many instances, other group members might not cooperate in the creation of such a signature. They may even wish to interfere with its creation, refusing to generate keypairs of a form that might facilitate such activity. \par We present a combination of techniques for efficiently coercing any user into an ad-hoc signatory group, using only that user's public key. This public key may correspond to almost any signature or encryption scheme, as long as there exists an efficient Special Honest Verifier Zero Knowledge Proof of Knowledge protocol for the secret key, or, alternatively, a hash-and-sign algorithm for that keypair type. Our approach effectively hijacks any public key for the purpose of building an ad-hoc group signature. We also present a new proof protocol that enables, within our framework, the hijacking of Boneh-Franklin and Waters identity-based encryption keys, as well as Camenisch-Lysyanskaya signature keys. }, }