Advertisement

Journal of Computer Science and Technology

, Volume 22, Issue 1, pp 71–74 | Cite as

Breaking and Repairing Trapdoor-Free Group Signature Schemes from Asiacrypt’2004

  • Xin-Yi HuangEmail author
  • Willy Susilo
  • Yi Mu
  • Fu-Tai Zhang
Short Paper
  • 23 Downloads

Abstract

Group signature schemes allow a member of a group to sign messages anonymously on behalf of the group. In case of later dispute, a designated group manager can revoke the anonymity and identify the originator of a signature. In Asiacrypt2004, Nguyen and Safavi-Naini proposed a group signature scheme that has a constant-sized public key and signature length, and more importantly, their group signature scheme does not require trapdoor. Their scheme is very efficient and the sizes of signatures are smaller than those of the other existing schemes. In this paper, we point out that Nguyen and Safavi-Naini’s scheme is insecure. In particular, it is shown in our cryptanalysis of the scheme that it allows a non-member of the group to sign on behalf of the group. And the resulting signature convinces any third party that a member of the group has indeed generated such a signature, although none of the members has done so. Therefore is in case of dispute, even the group manager cannot identify who has signed the message. In the paper a new scheme that does not suffer from this problem is provided.

Keywords

digital signature cryptography information security 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. [1]
    D Chaum, E van Heyst. Group signatures. In Proc. Advances in Cryptology—Eurocrypt 1991, Lecture Notes in Computer Science 547, Brighton, UK, 1991, pp.257–265.Google Scholar
  2. [2]
    Camenisch J. Efficient and generalized group signatures. In Proc. Advances in Cryptology—Eurocrypt 1997, Lecture Notes in Computer Science 1233, Konstanz, Germany, 1997, pp.465–479.Google Scholar
  3. [3]
    Chen L, Pedersen T P. New group signature schemes. In Proc. Advances in Cryptology—Eurocrypt 1994, Lecture Notes in Computer Science 950, Perugia, italy, 1994, pp.171–181.Google Scholar
  4. [4]
    Camenisch J, Stadler M. Efficient group signature schemes for large groups. In Proc. Advances in Cryptology—Crypto 1997, Lecture Notes in Computer Science 1294, Santa Barbara, California, USA, 1997, pp.410–424.Google Scholar
  5. [5]
    Camenisch J, Michels M. A group signature scheme with improved efficiency. In Proc. Advances in Cryptology—Asiacrypt 1998, Lecture Notes in Computer Science 1514, Beijing, China, 1998, pp.160–174.Google Scholar
  6. [6]
    Ateniese G, Camenisch J, Joye M, Tsudik G. A practical and provably secure coalition-resistant group signature scheme. In Proc. Advances in Cryptology—CRYPTO 2000, Lecture Notes in Computer Science 1880, Santa Barbara, California, USA, 2000, pp.255–270.Google Scholar
  7. [7]
    G Ateniese, B de Medeiros. Efficient Group Signatures without Trapdoors. In Proc. Advances in Cryptology—Asiacrypt 2003, Lecture Notes in Computer Science 2894, Taipei, 2003, pp.246–268.Google Scholar
  8. [8]
    Boneh D, Boyen X, Shacham H. Short group signatures. In Proc. Advances in Cryptology—Crypto 2004, Lecture Notes in Computer Science 3152, Santa Barbara, California, USA, 2004, pp.41–55.Google Scholar
  9. [9]
    Nguyen L, Safavi-Naini R. Efficient and provably secure trapdoor-free group signature schemes from bilinear pairings. In Proc. Advances in Cryptology—Asiacrypt 2004, Lecture Notes in Computer Science 3329, Jeju Island, Korea, 2004, pp.372–386.Google Scholar
  10. [10]
    Nguyen L, Safavi-Naini R. Efficient and provably secure trapdoor-free group signature schemes from bilinear pairings. Cryptology ePrint Archive, Report 2004/104, http://eprint.iacr.org/2004/104.
  11. [11]
    Camenisch J. Group signature schemes and payment systems based on the discrete logarithm problem [Dissertation]. ETH Zürich, 1998.Google Scholar
  12. [12]
    Boudot F. Efficient proofs that a committed number lies in an interval. In Proc. Advances in Cryptology—Eurocrypt 2000, Lecture Notes in Computer Science 1807, Bruges, Belgium, 2000, pp.431–444.Google Scholar
  13. [13]
    Bellare M, Shi H, Zhang C. Foundations of Group Signatures: The case of dynamic groups. Cryptology ePrint Archive, Report 2004/077, http://eprint.iacr.org/2004/077.
  14. [14]
    Fouque P, Pointcheval D. Threshold cryptosystems secure against chosen-ciphertext attacks. In Proc. Advances in Cryptology—Asiacrypt 2001, Lecture Notes in Computer Science 2248, Gold Coast, Australia, 2001, pp.351–368.Google Scholar
  15. [15]
    Huang X, Susilo W, Mu Y. Breaking and repairing trapdoor-free group signature schemes from Asiacrypt 2004. Cryptology ePrint Archive, Report 2005/122, http://eprint.iacr.org/2005/122.

Copyright information

© Science Press, Beijing, China and Springer Science + Business Media, LLC, USA 2007

Authors and Affiliations

  • Xin-Yi Huang
    • 1
    Email author
  • Willy Susilo
    • 1
  • Yi Mu
    • 1
  • Fu-Tai Zhang
    • 2
  1. 1.School of Information Technology and Computer ScienceUniversity of WollongongWollongongAustralia
  2. 2.School of Mathematics and Computer ScienceNanjing Normal UniversityNanjingChina

Personalised recommendations