Information Technology Reference
In-Depth Information
Group signatures can be understood as an extension of credential authentication
and membership authentication schemes. In the first schemes, a user proves that
he belongs to a specific group [6]; whereas in the second ones, a member of a
group can convince a verifier that he belongs to that group without revealing
him his identity [7,8].
There exist several proposals for group signatures, which use a number of
cryptographic primitives. Some of these proposals need a Trusted Third Party
(TTP),
, at least for the initialization process. Other schemes, however, allow
any user to create the group he chooses to belong to.
As a general rule, group signatures make use of schemes whose security is
based on computationally-intractable mathematical problems [9,10,11]. Typi-
cally, such problems are the Integer Factorization Problem (IFP) and the Dis-
crete Logarithm Problem (DLP).
Nevertheless, most of these protocols show some limitations. For example,
the schemes described in [12,13,14] have a security problem [15]. Moreover, the
security of the schemes presented in [16,17] is tested under artificial and unlikely
conditions [18].
The proposed group signature scheme presented here guarantees that a true
group signature is generated for a given message. Moreover, the scheme improves
existing protocols in terms of user friendliness, computational eciency, time and
band-width saving. Moreover, this proposal verifies the properties required for
group signature schemes: Only a group member can validly sign a document or
message. The signed-message receiver is able to verify that the signature is a
valid group signature,
i.e.
, it has been carried out by one legitimate member of
the group. However, the receiver will not be able to determine which particular
group member actually signed the message. Finally, if required (in case of a
dispute, for example) it is possible to disclose the signer,
i.e.
, to reveal which
user actually signed the message.
The rest of this paper is organized as follows: In section 2 a group signature
scheme based on the Integer Factorization and Subgroup Discrete Logarithm
Problems is proposed. In section 3, the main properties of the new scheme are
shown. The security analysis of the proposal is performed in section 4, and finally,
the conclusions are presented in section 5.
T
2 A Group Signature Scheme Based on IFP and SDLP
In this section we propose a group signature scheme for which a randomly chosen
member of a given group signs a document, on behalf of the whole group, making
use of his private key. The verifier of the signature checks whether or not the
signature corresponds to one of them, using the public key that all the members
of the group share. Moreover, the verifier will not be able to decide who was the
original signer.
Let
G
=
{
U
1
,U
2
,...,U
t
}
be the signer group and let
T
be the Trusted Third
Party.
Search WWH ::
Custom Search