Cryptanalysis of Xia-You group signature scheme

Group signature is a variant of digital signatures, which allows members of a group to sign messages anonymously on behalf of he group. The application of group signatures includes e-voting, e-bidding and e-cash. Recently, Xia and You proposed an identity-based group signature scheme with Strong separability. In this paper, however, we find that there are several problems in the Xia-You group signature scheme. This scheme is vulnerable to forgery attacks. Any adversary could easily forge a valid group signature for any message without the knowledge of the secret values of the legal members of the group. Furthermore, the Xia-You group signature scheme does not satisfy nearly all other security requirements of group signatures. The signatures are too long to be computed, stored and transmitted.

[1]  Yiannis Tsiounis,et al.  Easy Come - Easy Go Divisible Cash , 1998, EUROCRYPT.

[2]  J. M. Pollard,et al.  Theorems on factorization and primality testing , 1974, Mathematical Proceedings of the Cambridge Philosophical Society.

[3]  W.-B. Lee,et al.  Efficient group signature scheme based on the discrete logarithm , 1998 .

[4]  Marc Joye,et al.  A Practical and Provably Secure Coalition-Resistant Group Signature Scheme , 2000, CRYPTO.

[5]  David Chaum,et al.  Group Signatures , 1991, EUROCRYPT.

[6]  Martin E. Hellman,et al.  An improved algorithm for computing logarithms over GF(p) and its cryptographic significance (Corresp.) , 1978, IEEE Trans. Inf. Theory.

[7]  Jan Camenisch,et al.  Efficient Group Signature Schemes for Large Groups (Extended Abstract) , 1997, CRYPTO.

[8]  Jinyuan You,et al.  A group signature scheme with strong separability , 2002, J. Syst. Softw..

[9]  Lidong Chen,et al.  New Group Signature Schemes (Extended Abstract) , 1994, EUROCRYPT.

[10]  Adi Shamir,et al.  Identity-Based Cryptosystems and Signature Schemes , 1984, CRYPTO.

[11]  G. J. Simmons,et al.  Preliminary Comments on the M.I.T. Public-Key Cryptosystem , 1977, Cryptologia.

[12]  Marc Joye,et al.  Cryptanalysis of Two Group Signature Schemes , 1999, ISW.

[13]  Jan Camenisch,et al.  Efficient and Generalized Group Signatures , 1997, EUROCRYPT.

[14]  Toshiya Itoh,et al.  An ID-based cryptosystem based on the discrete logarithm problem , 1989, IEEE J. Sel. Areas Commun..

[15]  Jan Camenisch,et al.  Efficient group signature schemes for large groups , 1997 .

[16]  Holger Petersen,et al.  How to Convert any Digital Signature Scheme into a Group Signature Scheme , 1997, Security Protocols Workshop.