Affiliation-hiding authenticated asymmetric group key agreement based on short signature
The notion of Affiliation-Hiding Authenticated Group Key Agreement (AH-AGKA) protocols was first introduced by Jarecki et al. in CT-RSA 2007, where they presented two concrete AH-AGKA protocols. In this paper, we show that Jarecki et al.'s second protocol has some drawbacks. We propose a new affiliation-hiding protocol. Differing from Jarecki et al.'s protocol, our protocol is asymmetric. Compared with existing AH-AGKA protocols, our scheme not only exhibits the affiliation-hiding property, but also holds the properties of detectability and perfect forward secrecy.