Cryptanalysis of Two Group Signature Schemes

  • Marc Joye
  • Seungjoo Kim
  • Narn-Yih Lee
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1729)


Group signature schemes allow a group member to anonymously sign on group’s behalf. Moreover, in case of anonymity misuse, a group authority can recover the issuer of a signature. This paper analyzes the security of two group signature schemes recently proposed by Tseng and Jan. We show that both schemes are universally forgeable, that is, anyone (not necessarily a group member) is able to produce a valid group signature on an arbitrary message, which cannot be traced by the group authority.


Digital signatures Group signatures Cryptanalysis Universal forgeries 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Stefan Brands, An efficient off-line electronic cash system based on the representation problem, Technical Report CS-R9323, Centrum voor Wiskunde en Informatica, April 1993.Google Scholar
  2. 2.
    Jan Camenisch and Markus Michels. A group signature scheme with improved efficiency. In Advances in Cryptology-ASIACRYPT’98, LNCS 1514, pp. 160–174. Springer-Verlag, 1998.CrossRefGoogle Scholar
  3. 3.
    David Chaum and Eugène van Heijst. Group signatures. In Advances in Cryptology-EUROCRYPT’ 91, LNCS 547, pp. 257–265. Springer-Verlag, 1991.Google Scholar
  4. 4.
    Marc Girault. Self-certified public keys. In Advances in Cryptology–EURO-CRYPT’91, LNCS 547, pp. 491–497. Springer-Verlag, 1991.Google Scholar
  5. 5.
    Anna Lysyanskaya and Zulfikar Ramzan. Group blind signatures: A scalable solution to electronic cash. In Financial Cryptography (FC’98), LNCS 1465, pp. 184–197. Springer-Verlag, 1998.CrossRefGoogle Scholar
  6. 6.
    Wenbo Mao and Chae Hoon Lim. Cryptanalysis in prime order subgroups of ℤn. In Advances in Cryptology-ASIACRYPT’98, LNCS 1514, pp. 214–226. Springer-Verlag, 1998.CrossRefGoogle Scholar
  7. 7.
    Ueli M. Maurer and Yacov Yacobi. Non-interactive public-key cryptography. In Advances in Cryptology-EUROCRYPT’91, LNCS 547, pp. 498–507. Springer-Verlag, 1991.Google Scholar
  8. 8.
    Toru Nakanishi, Toru Fujiwara and Hajime Watanabe. A secret voting protocol using a group signature scheme. Technical Report ISEC96-23, IEICE, September 1996.Google Scholar
  9. 9.
    Sangjoon Park, Seungjoo Kim and Dongho Won. ID-based group signature. Electronics Letters, 33(19):1616–1617, 1997.CrossRefGoogle Scholar
  10. 10.
    Sangjoon Park, Seungjoo Kim and Dongho Won. On the security of ID-based group signature. Journal of the Korean Institute of Information Security and Cryptology, 8(3):27–37, 1998.Google Scholar
  11. 11.
    Jacques Traoré. Group signatures and their relevance to privacy-protecting off-line electronic cash systems. In Information Security and Privacy (ACISP’99), LNCS 1587, pp. 228–243. Springer-Verlag, 1999.CrossRefGoogle Scholar
  12. 12.
    Yuh-Min Tseng and Jinn-Ke Jan. A novel ID-based group signature. In T. L. Hwang and A.K. Lenstra, editors, 1998 International Computer Symposium, Workshop on Cryptology and Information Security (Tainan, December 17-19, 1998), pp. 159–164.Google Scholar
  13. 13.
    — A group signature scheme using self-certified public keys. In Ninth National Conference on Information Security (Taichung, May 14-15, 1999), pp. 165–172.Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 1999

Authors and Affiliations

  • Marc Joye
    • 1
  • Seungjoo Kim
    • 2
  • Narn-Yih Lee
    • 3
  1. 1.Gemplus Card InternationalIssy-les-Moulineaux CedexFrance
  2. 2.Korea Information Security Agency (KISA) 5th FL., Dong-A TowerSeoulKorea
  3. 3.Dept of Applied Foreign LanguageNan-Tai Institute of Technology TainanR.O.C.Taiwan

Personalised recommendations