Abstract
Group signature schemes allow a member of a group to sign messages anonymously on behalf of the group. In case of later dispute, a designated group manager can revoke the anonymity and identify the originator of a signature. In Asiacrypt2004, Nguyen and Safavi-Naini proposed a group signature scheme that has a constant-sized public key and signature length, and more importantly, their group signature scheme does not require trapdoor. Their scheme is very efficient and the sizes of signatures are smaller than those of the other existing schemes. In this paper, we point out that Nguyen and Safavi-Naini’s scheme is insecure. In particular, it is shown in our cryptanalysis of the scheme that it allows a non-member of the group to sign on behalf of the group. And the resulting signature convinces any third party that a member of the group has indeed generated such a signature, although none of the members has done so. Therefore is in case of dispute, even the group manager cannot identify who has signed the message. In the paper a new scheme that does not suffer from this problem is provided.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
Explore related subjects
Discover the latest articles, news and stories from top researchers in related subjects.References
D Chaum, E van Heyst. Group signatures. In Proc. Advances in Cryptology—Eurocrypt 1991, Lecture Notes in Computer Science 547, Brighton, UK, 1991, pp.257–265.
Camenisch J. Efficient and generalized group signatures. In Proc. Advances in Cryptology—Eurocrypt 1997, Lecture Notes in Computer Science 1233, Konstanz, Germany, 1997, pp.465–479.
Chen L, Pedersen T P. New group signature schemes. In Proc. Advances in Cryptology—Eurocrypt 1994, Lecture Notes in Computer Science 950, Perugia, italy, 1994, pp.171–181.
Camenisch J, Stadler M. Efficient group signature schemes for large groups. In Proc. Advances in Cryptology—Crypto 1997, Lecture Notes in Computer Science 1294, Santa Barbara, California, USA, 1997, pp.410–424.
Camenisch J, Michels M. A group signature scheme with improved efficiency. In Proc. Advances in Cryptology—Asiacrypt 1998, Lecture Notes in Computer Science 1514, Beijing, China, 1998, pp.160–174.
Ateniese G, Camenisch J, Joye M, Tsudik G. A practical and provably secure coalition-resistant group signature scheme. In Proc. Advances in Cryptology—CRYPTO 2000, Lecture Notes in Computer Science 1880, Santa Barbara, California, USA, 2000, pp.255–270.
G Ateniese, B de Medeiros. Efficient Group Signatures without Trapdoors. In Proc. Advances in Cryptology—Asiacrypt 2003, Lecture Notes in Computer Science 2894, Taipei, 2003, pp.246–268.
Boneh D, Boyen X, Shacham H. Short group signatures. In Proc. Advances in Cryptology—Crypto 2004, Lecture Notes in Computer Science 3152, Santa Barbara, California, USA, 2004, pp.41–55.
Nguyen L, Safavi-Naini R. Efficient and provably secure trapdoor-free group signature schemes from bilinear pairings. In Proc. Advances in Cryptology—Asiacrypt 2004, Lecture Notes in Computer Science 3329, Jeju Island, Korea, 2004, pp.372–386.
Nguyen L, Safavi-Naini R. Efficient and provably secure trapdoor-free group signature schemes from bilinear pairings. Cryptology ePrint Archive, Report 2004/104, http://eprint.iacr.org/2004/104.
Camenisch J. Group signature schemes and payment systems based on the discrete logarithm problem [Dissertation]. ETH Zürich, 1998.
Boudot F. Efficient proofs that a committed number lies in an interval. In Proc. Advances in Cryptology—Eurocrypt 2000, Lecture Notes in Computer Science 1807, Bruges, Belgium, 2000, pp.431–444.
Bellare M, Shi H, Zhang C. Foundations of Group Signatures: The case of dynamic groups. Cryptology ePrint Archive, Report 2004/077, http://eprint.iacr.org/2004/077.
Fouque P, Pointcheval D. Threshold cryptosystems secure against chosen-ciphertext attacks. In Proc. Advances in Cryptology—Asiacrypt 2001, Lecture Notes in Computer Science 2248, Gold Coast, Australia, 2001, pp.351–368.
Huang X, Susilo W, Mu Y. Breaking and repairing trapdoor-free group signature schemes from Asiacrypt 2004. Cryptology ePrint Archive, Report 2005/122, http://eprint.iacr.org/2005/122.
Author information
Authors and Affiliations
Corresponding author
Additional information
This work is supported by ARC Discovery under Grant No. DP0557493, Ministry of Education of Jiangsu Province under Grant No. 03KJA520066, and Xidian University’s Open Grant of Key Laboratory on Computer Network and Information Security of Ministry of Education of China.
Rights and permissions
About this article
Cite this article
Huang, XY., Susilo, W., Mu, Y. et al. Breaking and Repairing Trapdoor-Free Group Signature Schemes from Asiacrypt’2004. J Comput Sci Technol 22, 71–74 (2007). https://doi.org/10.1007/s11390-007-9008-8
Received:
Revised:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11390-007-9008-8