A Group Signature Scheme with Improved Efficiency

The concept of group signatures allows a group member to sign messages anonymously on behalf of the group. However, in the case of a dispute, the identity of a signature’s originator can be revealed by a designated entity. In this paper we propose a new group signature scheme that is well suited for large groups, i.e., the length of the group’s public key and of signatures do not depend on the size of the group. Our solution based on a variation of the RSA problem is more efficient than previous ones satisfying these requirements.

[1]  Jacques Stern,et al.  Security Analysis of a Practical "on the fly" Authentication and Signature Generation , 1998, EUROCRYPT.

[2]  Jacques Stern,et al.  Security Proofs for Signature Schemes , 1996, EUROCRYPT.

[3]  Kaisa Nyberg,et al.  Advances in Cryptology — EUROCRYPT'98 , 1998 .

[4]  David Chaum,et al.  Transferred Cash Grows in Size , 1992, EUROCRYPT.

[5]  Burton S. Kaliski Advances in Cryptology - CRYPTO '97 , 1997 .

[6]  Marc Girault,et al.  An Identity-based Identification Scheme Based on Discrete Logarithms Modulo a Composite Number , 1991, EUROCRYPT.

[7]  Joan Feigenbaum,et al.  Advances in Cryptology-Crypto 91 , 1992 .

[8]  Zulfikar Ramzan,et al.  Group Blind Digital Signatures: A Scalable Solution to Electronic Cash , 1998, Financial Cryptography.

[9]  Holger Petersen,et al.  How to Convert any Digital Signature Scheme into a Group Signature Scheme , 1997, Security Protocols Workshop.

[10]  Hugo Krawczyk,et al.  Advances in Cryptology - CRYPTO '98 , 1998 .

[11]  Alfredo De Santis,et al.  Advances in Cryptology — EUROCRYPT'94 , 1994, Lecture Notes in Computer Science.

[12]  Tatsuaki Okamoto,et al.  Provably Secure and Practical Identification Schemes and Corresponding Signature Schemes , 1992, CRYPTO.

[13]  Ran Canetti,et al.  The random oracle methodology, revisited , 2000, JACM.

[14]  Jan Camenisch,et al.  Group signature schemes and payment systems based on the discrete logarithm problem , 1998 .

[15]  Don Coppersmith,et al.  Finding a Small Root of a Bivariate Integer Equation; Factoring with High Bits Known , 1996, EUROCRYPT.

[16]  Birgit Pfitzmann,et al.  Collision-Free Accumulators and Fail-Stop Signature Schemes Without Trees , 1997, EUROCRYPT.

[17]  Ivan Damgård,et al.  Linear zero-knowledge—a note on efficient zero-knowledge proofs and arguments , 1997, STOC '97.

[18]  Adi Shamir,et al.  On the generation of cryptographically strong pseudorandom sequences , 1981, TOCS.

[19]  Elisa Bertino,et al.  Computer Security — ESORICS 96 , 1996, Lecture Notes in Computer Science.

[20]  Ivan Damgård,et al.  Proofs of Partial Knowledge and Simplified Design of Witness Hiding Protocols , 1994, CRYPTO.

[21]  Amos Fiat,et al.  Zero-knowledge proofs of identity , 1987, Journal of Cryptology.

[22]  Mihir Bellare,et al.  Random oracles are practical: a paradigm for designing efficient protocols , 1993, CCS '93.

[23]  Joe Kilian,et al.  Identity Escrow , 1998, CRYPTO.

[24]  Markus Stadler,et al.  Cryptographic protocols for revocable privacy , 1996 .

[25]  David Chaum,et al.  Group Signatures , 1991, EUROCRYPT.

[26]  Tatsuaki Okamoto,et al.  New Public-Key Schemes Based on Elliptic Curves over the Ring Zn , 1991, CRYPTO.

[27]  Michael Wiener,et al.  Advances in Cryptology — CRYPTO’ 99 , 1999 .

[28]  Marc Girault,et al.  Self-Certified Public Keys , 1991, EUROCRYPT.

[29]  Jeroen van de Graaf,et al.  A Simple and Secure Way to Show the Validity of Your Public Key , 1987, CRYPTO.

[30]  Amos Fiat,et al.  How to Prove Yourself: Practical Solutions to Identification and Signature Problems , 1986, CRYPTO.

[31]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[32]  Lidong Chen,et al.  New Group Signature Schemes (Extended Abstract) , 1994, EUROCRYPT.

[33]  Taher ElGamal,et al.  A public key cyryptosystem and signature scheme based on discrete logarithms , 1985 .

[34]  Jan Camenisch,et al.  Efficient Group Signature Schemes for Large Groups (Extended Abstract) , 1997, CRYPTO.

[35]  Ueli Maurer,et al.  Digital Payment Systems with Passive Anonymity-Revoking Trustees , 1996, ESORICS.

[36]  David Chaum,et al.  Minimum Disclosure Proofs of Knowledge , 1988, J. Comput. Syst. Sci..

[37]  Kwangjo Kim,et al.  Advances in Cryptology — ASIACRYPT '96 , 1996, Lecture Notes in Computer Science.

[38]  Carl Pomerance,et al.  Advances in Cryptology — CRYPTO ’87 , 2000, Lecture Notes in Computer Science.

[39]  Rosario Gennaro,et al.  New Efficient and Secure Protocols for Verifiable Signature Sharing and Other Applications , 2000, J. Comput. Syst. Sci..

[40]  Seung Joo Kim,et al.  Convertible Group Signatures , 1996, ASIACRYPT.

[41]  Andrew Odlyzko,et al.  Advances in Cryptology — CRYPTO’ 86 , 2000, Lecture Notes in Computer Science.

[42]  Matthew K. Franklin,et al.  Efficient Generation of Shared RSA Keys (Extended Abstract) , 1997, CRYPTO.

[43]  Yiannis Tsiounis,et al.  Easy Come - Easy Go Divisible Cash , 1998, EUROCRYPT.

[44]  David Chaum,et al.  An Improved Protocol for Demonstrating Possession of Discrete Logarithms and Some Generalizations , 1987, EUROCRYPT.

[45]  Tatsuaki Okamoto,et al.  Statistical Zero Knowledge Protocols to Prove Modular Polynomial Relations , 1997, CRYPTO.

[46]  Jan Camenisch,et al.  Efficient and Generalized Group Signatures , 1997, EUROCRYPT.