Chapter

Public Key Cryptography – PKC 2009

Volume 5443 of the series Lecture Notes in Computer Science pp 463-480

Revocable Group Signature Schemes with Constant Costs for Signing and Verifying

  • Toru NakanishiAffiliated withDepartment of Communication Network Engineering, Okayama University
  • , Hiroki FujiiAffiliated withDepartment of Communication Network Engineering, Okayama University
  • , Yuta HiraAffiliated withDepartment of Communication Network Engineering, Okayama University
  • , Nobuo FunabikiAffiliated withDepartment of Communication Network Engineering, Okayama University

Abstract

Lots of revocable group signature schemes have been proposed so far. In one type of revocable schemes, signing and/or verifying algorithms have O(N) or O(R) complexity, where N is the group size and R is the number of revoked members. On the other hand, in Camenisch-Lysyanskaya scheme and the followers, signing and verifying algorithms have O(1) complexity. However, before signing, updates of the secret key are required. The complexity is O(R) in the worst case. In this paper, we propose a revocable scheme with signing and verifying of O(1) complexity, where no updates of secret key are required. The compensation is the long public key of O(N). In addition, we extend it to the scheme with \(O(\sqrt{N})\)-size public key, where signing and verifying have constant extra costs.