Abstract. Alice wants to prove that she is young enough to borrow money from her bank, without revealing her age. She therefore needs a tool for proving that a committed number lies in a specific interval. Up to now, such tools were either inefficient (too many bits to compute and to transmit) or inexact (i.e. proved membership to a much larger interval). This paper presents a new proof, which is both efficient and exact. Here, “efficient ” means that there are less than 20 exponentiations to perform and less than 2 Kbytes to transmit. The potential areas of application of this proof are numerous (electronic cash, group signatures, publicly verifiable secret encryption, etc...). 1

Group signature schemes are fundamental cryptographic tools that enable unlinkably anonymous authentication, in the same fashion that digital signatures provide the basis for strong authentication protocols. In this paper we present the first group signature scheme with constantsize parameters that does not employ any trapdoor function. This novel type of group signature scheme allows public parameters to be shared among organizations. Such sharing represents a highly desirable simpli cation over existing schemes, which require each organization to maintain a separate cryptographic domain.

In this paper we propose an accountability management framework for resource sharing in peer-to-peer (P2P) distributed computing systems. On the basis of a generalized e-coin paradigm, we developed the management framework based on the distribution of resource credit/policy, exchange of service and service evidences, and accountability management. A tree topology is assumed for the distribution of resource credit and policies, so that P2P parties can have an absolute reference of the credential of principals, and make the system scalable. Common resource management operations involving splitting, merging and the propagation of system attributes (such as the ownership of the resources) are bound to the resource credit to become resource evidence after the services are rendered. We propose three e-coin binding techniques for those resource delegation scenarios, so that the credit policy (distributed by the credential authority), the resource attribute (sent from the provider) and the resource order (acknowledged from the consumer) can be cryptographically tied with the warrant, the response and the challenge respectively in the e-coin for the generation of the anonymous evidence on the delegation events. Index terms – peer-to-peer computing, accountable resource sharing, e-coin, attribute binding. 12

In this paper we proposed an e-coin based role election scheme for peer-to-peer (P2P) systems. A node in a P2P group can be elected as an application server, or a trusted third party (TTP) server, but not both. The attributes of the election process and the outcomes are mapped to the Ferguson’s e-coin scheme so that undeniable evidences can be generated even when the P2P nodes remain anonymous. Nodes can nominate and cast their votes without revealing their identities, but violation of voting rules will subject them to disclosure of such misconducts, and their true identities, which were to be tied into the evidences in encrypted forms. Our scheme also supports the merging of multiple groups, to ensure that when a node is involved in multiple groups, it cannot compromise the mutual exclusion requirement of the role choices in the newly merged group. Index terms – peer-to-peer, trusted third party, mutual exclusion, nomination and election, e-coin, grouping. 12