Security Flaws in Several Group Signatures Proposed by Popescu
In resent years, Popescu et al. proposed several group signature schemes in [8, 9, 10, 11] that based on the Okamoto-Shiraishi assumption. Their schemes are claimed to be secure. However, we identify several security flaws in their schemes and then show that these schemes are all insecure. By exploiting those flaws, anybody (not necessarily a group member) can forge valid group signatures on arbitrary messages of his/her choice. In other words, these schemes are universally forgeable.
Keywordsgroup signature digital signature information security
Unable to display preview. Download preview PDF.
- 3.Camenisch, J., Stadler, M.: Effient group signature schemes for large groups. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 410–424. Springer, Heidelberg (1997)Google Scholar
- 5.Camenisch, J., Michels, M.: A group signature scheme based on an RSA-variant. Technical Report RS-98-27, BRICS, University of Aarhus, An earlier version appears in  (November 1998)Google Scholar
- 7.Okamoto, T., Shiraishi, A.: A fast signature scheme based on quadratic inequalities. In: Proceedings of IEEE Symposium on Security and Privacy, pp. 123–132. IEEE Computer Society Press, Los Alamitos (1985)Google Scholar
- 8.Popescu, C.: Group signature schemes based on the difficulty of computation of approximate e-th roots. In: Proc. of Protocols for Multimedia Systems, PROMS 2000, pp. 325–331. Cracow, Poland (2000)Google Scholar
- 10.Popescu, C.: A group blind signature scheme based on the Okamoto-Shiraishi assumption. Romanian Journal of Information Science and Technology 4(5) (2002)Google Scholar
- 11.Popescu, C., Noje, D., Bede, B., Mang, I.: A group signature scheme with revocation. In: Proc. of 4th EURSIP Conference focused on Video/Image Processing and Multimedia Communications EC-VIP-MC 2003, Zagreb, Coratia, 2-5 July, pp. 245–250. IEEE Computer Society, Los Alamitos (2003), available via IEEExplore,http://ieeexplore.ieee.org/