A Group Signature Scheme with Efficient Membership Revocation for Middle-Scale Groups

This paper proposes a group signature scheme with efficient membership revocation. Though group signature schemes with efficient membership revocation based on a dynamic accumulator were proposed, the previous schemes force a member to change his secret key whenever he makes a signature. Furthermore, for the modification, the member has to obtain a public membership information of O(lnN) bits, where ln is the length of the RSA modulus and N is the total number of joining members and removed members. In our scheme, the signer needs no modification of his secret, and the public membership information has only K bits, where K is the maximal number of members. Then, for middle-scale groups with the size that is comparable to the RSA modulus size (e.g., up to about 1000 members for 1024 bit RSA modulus), the public membership information is a single small value only, while the signing/verification also remains efficient.

[1]  Atsuko Miyaji,et al.  Group Signature Scheme with An Efficient Revocation , 2006 .

[2]  Dawn Xiaodong Song,et al.  Quasi-Efficient Revocation in Group Signatures , 2002, Financial Cryptography.

[3]  Shouhuai Xu,et al.  Accumulating Composites and Improved Group Signing , 2003, ASIACRYPT.

[4]  Jan Camenisch,et al.  A Signature Scheme with Efficient Protocols , 2002, SCN.

[5]  Jan Camenisch,et al.  An Efficient System for Non-transferable Anonymous Credentials with Optional Anonymity Revocation , 2001, IACR Cryptol. ePrint Arch..

[6]  Dawn Xiaodong Song,et al.  Practical forward secure group signature schemes , 2001, CCS '01.

[7]  Mihir Bellare,et al.  Foundations of Group Signatures: Formal Definitions, Simplified Requirements, and a Construction Based on General Assumptions , 2003, EUROCRYPT.

[8]  Yiannis Tsiounis,et al.  On the Security of ElGamal Based Encryption , 1998, Public Key Cryptography.

[9]  Ivan Damgård,et al.  A Statistically-Hiding Integer Commitment Scheme Based on Groups with Hidden Order , 2002, ASIACRYPT.

[10]  Toru Nakanishi,et al.  Unlinkable Divisible Electronic Cash , 2000, ISW.

[11]  Tatsuaki Okamoto,et al.  Statistical Zero Knowledge Protocols to Prove Modular Polynomial Relations , 1997, CRYPTO.

[12]  Giuseppe Ateniese,et al.  Efficient Group Signatures without Trapdoors , 2003, ASIACRYPT.

[13]  Yiannis Tsiounis,et al.  Easy Come - Easy Go Divisible Cash , 1998, EUROCRYPT.

[14]  Marc Joye,et al.  A Practical and Provably Secure Coalition-Resistant Group Signature Scheme , 2000, CRYPTO.

[15]  David Chaum,et al.  Group Signatures , 1991, EUROCRYPT.

[16]  Jan Camenisch,et al.  Dynamic Accumulators and Application to Efficient Revocation of Anonymous Credentials , 2002, CRYPTO.

[17]  Mihir Bellare,et al.  Random oracles are practical: a paradigm for designing efficient protocols , 1993, CCS '93.

[18]  Toru Nakanishi,et al.  A Group Signature Scheme with Efficient Membership Revocation for Reasonable Groups , 2004, ACISP.

[19]  Amos Fiat,et al.  How to Prove Yourself: Practical Solutions to Identification and Signature Problems , 1986, CRYPTO.

[20]  Jan Camenisch,et al.  Efficient group signature schemes for large groups , 1997 .

[21]  Kouichi Sakurai,et al.  An Anonymous Electronic Bidding Protocol Based on a New Convertible Group Signature Scheme , 2000, ACISP.

[22]  Jan Camenisch,et al.  Separability and Efficiency for Generic Group Signature Schemes , 1999, CRYPTO.

[23]  Fabrice Boudot,et al.  Efficient Proofs that a Committed Number Lies in an Interval , 2000, EUROCRYPT.

[24]  Anna Lysyanskaya,et al.  Signature schemes and applications to cryptographic protocol design , 2002 .