Advertisement

Group Signatures: Better Efficiency and New Theoretical Aspects

  • Jan Camenisch
  • Jens Groth
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3352)

Abstract

A group signature scheme allows members of a group to anonymously sign messages. To counter misuse, the anonymity can be revoked by the so-called group manager.

This paper contributes two results to the area of group signatures. First, we improve the state-of-the-art scheme by Ateniese et al. by an order of magnitude. Our new scheme satisfies the recent security definition by Bellare et al. Second, and of a more theoretical nature, we study the Bellare et al. definitions and show that their notion of full-anonymity may require stronger assumptions than what is needed to achieve a relaxed but reasonable notion of anonymity.

Keywords

Signature Scheme Group Manager Discrete Logarithm Random Oracle Model Trust Computing Group 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Ateniese, G., Camenisch, J., Joye, M., Tsudik, G.: A practical and provably secure group signature scheme. In: Bellare, M. (ed.) CRYPTO 2000. LNCS, vol. 1880, pp. 255–270. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  2. 2.
    Ateniese, G., de Medeiros, B.: Efficient group signatures without trapdoors. In: Laih, C.-S. (ed.) ASIACRYPT 2003. LNCS, vol. 2894, pp. 246–268. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  3. 3.
    Ateniese, G., Song, D.X., Tsudik, G.: Quasi-efficient revocation in group signatures. In: Financial Cryptography 2002, pp. 183–197 (2002)Google Scholar
  4. 4.
    Bellare, M., Micciancio, D., Warinschi, B.: Foundations of group signatures: Formal definitions, simplified requirements, and a construction based on general assumptions. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 614–629. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  5. 5.
    Boneh, D., Boyen, X., Shacham, H.: Short group signatures using strong diffie hellman. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 41–55. Springer, Heidelberg (2004)Google Scholar
  6. 6.
    Camenisch, J., Lysyanskaya, A.: Dynamic accumulators and application to efficient revocation of anonymous credentials. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, p. 61. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  7. 7.
    Camenisch, J., Lysyanskaya, A.: A signature scheme with efficient protocols. In: Cimato, S., Galdi, C., Persiano, G. (eds.) SCN 2002. LNCS, vol. 2576, pp. 268–289. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  8. 8.
    Camenisch, J., Lysyanskaya, A.: Signature schemes and anonymous credentials from bilinear maps. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 56–72. Springer, Heidelberg (2004)Google Scholar
  9. 9.
    Camenisch, J., Michels, M.: A group signature scheme with improved efficiency. In: Ohta, K., Pei, D. (eds.) ASIACRYPT 1998. LNCS, vol. 1514, pp. 160–174. Springer, Heidelberg (1998)CrossRefGoogle Scholar
  10. 10.
    Camenisch, J., Stadler, M.: Efficient group signature schemes for large groups. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 410–424. Springer, Heidelberg (1997)Google Scholar
  11. 11.
    Chaum, D., van Heyst, E.: Group signatures. In: Davies, D.W. (ed.) EUROCRYPT 1991. LNCS, vol. 547, pp. 257–265. Springer, Heidelberg (1991)Google Scholar
  12. 12.
    Fiat, A., Shamir, A.: How to prove yourself: Practical solutions to identification and signature problems. In: Odlyzko, A.M. (ed.) CRYPTO 1986. LNCS, vol. 263, pp. 186–194. Springer, Heidelberg (1987)Google Scholar
  13. 13.
    Goldreich, O., Rosen, V.: On the security of modular exponentiation with application to the construction of pseudorandom generators. Journal of Cryptology 16(2), 71–93 (2003)zbMATHCrossRefMathSciNetGoogle Scholar
  14. 14.
    Goldwasser, S., Micali, S., Rivest, R.: A digital signature scheme secure against adaptive chosen-message attacks. SIAM J. on Comp. 17(2), 281–308 (1988)zbMATHCrossRefMathSciNetGoogle Scholar
  15. 15.
    Impagliazzo, R., Rudich, S.: Limits on the provable consequences of one-way permutations. In: Proceedings of STOC 1989, pp. 44–61 (1989)Google Scholar
  16. 16.
    Kiayias, A., Tsiounis, Y., Yung, M.: Traceable signatures. Cryptology ePrint Archive, Report 2004/007 (2004), http://eprint.iacr.org/
  17. 17.
    Lenstra, A.K., Verheul, E.K.: Selecting cryptographic key sizes. Journal of Cryptology 14(4), 255–293 (2001)zbMATHMathSciNetGoogle Scholar
  18. 18.
    Lysyanskaya, A.: Unique signatures and verifiable random functions from the DH-DDH separation. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 597–612. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  19. 19.
    Pointcheval, D., Stern, J.: Security proofs for signature schemes. In: Maurer, U.M. (ed.) EUROCRYPT 1996. LNCS, vol. 1070, pp. 387–398. Springer, Heidelberg (1996)Google Scholar
  20. 20.
    Trusted Computing Group. TCG TPM specification 1.2 (2003), Available at http://www.trustedcomputinggroup.org
  21. 21.
    Tsudik, G., Xu, S.: Accumulating composites and improved group signing. In: Laih, C.-S. (ed.) ASIACRYPT 2003. LNCS, vol. 2894, pp. 269–286. Springer, Heidelberg (2003)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2005

Authors and Affiliations

  • Jan Camenisch
    • 1
  • Jens Groth
    • 2
    • 3
  1. 1.Zurich Research LabIBM Research 
  2. 2.Cryptomathic 
  3. 3.BRICS, Dept. of computer ScienceUniversity of Aarhus 

Personalised recommendations