A fully-functional group signature scheme over only known-order group

Abstract

The concept of group signature allows a group member to sign message anonymously on behalf of the group. In the event of a dispute, a designated entity can reveal the identity of a signer. Previous group signature schemes use an RSA signature based membership certificate and a signature based on a proof of knowledge(SPK) in order to prove the possession of a valid membership certificate. In these schemes, SPK is generated over an unknown-order group, which requires more works and memory compared with a publicly-known-order group. Recently, a group signature based on a known-order group is proposed. However, it requires an unknown-order group as well as a known-order group. Furthermore, unfortunately, it does not provide the function of revocation. In this paper, we propose the group signature scheme based on only publicly-known-order groups. Our scheme improves the Nyberg-Rueppel signature to fit for generating membership certificates and uses SPKs over a cyclic group whose order is publicly known. As a result, our scheme reduces the size of group signature and the computational amount of signature generation and verification. © Springer-Verlag Berlin Heidelberg 2004.