A Fully-Functional Group Signature Scheme over Only Known-Order Group

The concept of group signature allows a group member to sign message anonymously on behalf of the group. In the event of a dispute, a designated entity can reveal the identity of a signer. Previous group signature schemes use an RSA signature based membership certificate and a signature based on a proof of knowledge(SPK) in order to prove the possession of a valid membership certificate. In these schemes, SPK is generated over an unknown-order group, which requires more works and memory compared with a publicly-known-order group. Recently, a group signature based on a known-order group is proposed. However, it requires an unknown-order group as well as a known-order group. Furthermore, unfortunately, it does not provide the function of revocation. In this paper, we propose the group signature scheme based on only publicly-known-order groups. Our scheme improves the Nyberg-Rueppel signature to fit for generating membership certificates and uses SPKs over a cyclic group whose order is publicly known. As a result, our scheme reduces the size of group signature and the computational amount of signature generation and verification.

[1]  Jacques Stern,et al.  Efficient Revocation in Group Signatures , 2001, Public Key Cryptography.

[2]  Arto Salomaa,et al.  Public-Key Cryptography , 1991, EATCS Monographs on Theoretical Computer Science.

[3]  Dawn Xiaodong Song,et al.  Practical forward secure group signature schemes , 2001, CCS '01.

[4]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[5]  Alfredo De Santis,et al.  Advances in Cryptology — EUROCRYPT'94 , 1994, Lecture Notes in Computer Science.

[6]  Jan Camenisch,et al.  Efficient group signature schemes for large groups , 1997 .

[7]  Jan Camenisch,et al.  Group signature schemes and payment systems based on the discrete logarithm problem , 1998 .

[8]  Moti Yung,et al.  Advances in Cryptology — CRYPTO 2002 , 2002, Lecture Notes in Computer Science.

[9]  Donald W. Davies,et al.  Advances in Cryptology — EUROCRYPT ’91 , 2001, Lecture Notes in Computer Science.

[10]  Burton S. Kaliski Advances in Cryptology - CRYPTO '97 , 1997 .

[11]  Mihir Bellare Advances in Cryptology — CRYPTO 2000 , 2000, Lecture Notes in Computer Science.

[12]  Giuseppe Ateniese,et al.  Efficient Group Signatures without Trapdoors , 2003, ASIACRYPT.

[13]  David Thomas,et al.  The Art in Computer Programming , 2001 .

[14]  Jan Camenisch,et al.  Efficient and Generalized Group Signatures , 1997, EUROCRYPT.

[15]  David Chaum,et al.  An Improved Protocol for Demonstrating Possession of Discrete Logarithms and Some Generalizations , 1987, EUROCRYPT.

[16]  Rainer A. Rueppel,et al.  Message Recovery for Signature Schemes Based on the Discrete Logarithm Problem , 1994, EUROCRYPT.

[17]  Claus-Peter Schnorr,et al.  Efficient signature generation by smart cards , 2004, Journal of Cryptology.

[18]  David Chaum,et al.  Advances in Cryptology — EUROCRYPT’ 87 , 2000, Lecture Notes in Computer Science.

[19]  Marc Joye,et al.  A Practical and Provably Secure Coalition-Resistant Group Signature Scheme , 2000, CRYPTO.

[20]  David Chaum,et al.  Group Signatures , 1991, EUROCRYPT.

[21]  Jan Camenisch,et al.  Dynamic Accumulators and Application to Efficient Revocation of Anonymous Credentials , 2002, CRYPTO.

[22]  Walter Fumy,et al.  Advances in Cryptology — EUROCRYPT ’97 , 2001, Lecture Notes in Computer Science.

[23]  Jan Camenisch,et al.  Efficient Group Signature Schemes for Large Groups (Extended Abstract) , 1997, CRYPTO.

[24]  Dawn Xiaodong Song,et al.  Quasi-Efficient Revocation in Group Signatures , 2002, Financial Cryptography.

[25]  J. Camenisch,et al.  A Group Signature Scheme Based on an RSA-Variant , 1998 .