Janoš Vidali (2008) Group signatures. EngD thesis.
Group signatures make it possible for group members to sign messages on behalf of the group, while not revealing the signer's identity. Only the group's revocation manager, who is in possession of a secret key for signature opening, can identify the signer. We define a group signature scheme and present the security notions of anonymity, traceability, unforgeability, coalition resistance, unlinkability and their formalized counterparts. We also take a look at the cryptographic primitives that the group signature schemes consist of. We present some computational models and computational hardness assumptions, and then we give the security notions for digital signature schemes and asymmetric encryption schemes that can be used for building a group signature scheme. We then show some non-interactive zero-knowledge proofs. An overview of two group signature schemes follows. The first scheme by Camenisch and Michels was among the first secure and efficient group signature schemes, but it does not support removing group members. Next we present the scheme by Zhou and Lin, which supports group member revocation and is even more efficient, but its security is somewhat reduced. Finally, we take a look at possible versions of group signatures and propose a new group signature scheme.
Actions (login required)