Paper 2005/353

On the Security of A Group Signature Scheme

Jianhong Zhang and Wei Zou

Abstract

As a special digital signature, a group signature scheme al- lows a group member to sign message on behalf of the group in an anony-mous and unlinkability way, In case of a dispute, the group manager can reveal the actual identity of signer. Anonymity and unlinkability are basic properties of group signature, which distinguish other signature scheme. Recently, based on the work of Camenisch and Lysyanskaya, which is known to be the most e±cient scheme so far, E.Y.Choi et.al propose an e±cient group signature scheme with member revocation at TrustBus 2005. Unfortunately, in this work we show that the scheme has linkability, Namely, any one can distinguish whether two di®erent group signatures are produced by the same signer, and that the revo- cation manager cannot trace the actual identity of a signer by a group signature. Finally, we give the corresponding attack to the scheme.

Metadata
Available format(s)
PDF PS
Publication info
Published elsewhere. Unknown where it was published
Contact author(s)
jhzhang @ ncut edu cn
History
2005-10-09: received
Short URL
https://ia.cr/2005/353
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2005/353,
      author = {Jianhong Zhang and Wei Zou},
      title = {On the Security of A Group Signature Scheme},
      howpublished = {Cryptology ePrint Archive, Paper 2005/353},
      year = {2005},
      note = {\url{https://eprint.iacr.org/2005/353}},
      url = {https://eprint.iacr.org/2005/353}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.