• PDF / 170,377 Bytes
• 10 Pages / 430 x 659.996 pts Page_size
• 68 Downloads / 204 Views

DOWNLOAD

REPORT

2

College of sciences, North China University of Technology, Shijingshan district, 100041, Beijing, China {jhzhang, zjh}@ncut.edu.cn, State Key Lab. on ISN, Xidian University, 710071, Xi’an, Shaanxi, China [email protected]

Abstract. As a special digital signature, a group signature scheme allows a group member to sign message on behalf of the group in an anonymous and unlinkability way, In case of a dispute, a designated group manager can reveal the actual identity of the signer. Anonymity and unlinkability are basic properties of group signature, which distinguish other signature schemes. Recently, based on a variant of Nyberg-Rueppel signature and knowledge proof signature, A.Miyaji et al proposed a new group signature scheme over only known-order group and claimed that the scheme is secure. Unfortunately, in this work we first show that the scheme has linkability, Namely, any one can distinguish whether two different group signatures are produced by the same signer, then give the corresponding attack on the scheme. Finally, we propose an improved scheme to overcome the above drawback:linkability and include a novel concept:individual revocation of signatures. At the same time, we give the security analysis of the improved scheme.

1

Introduction

Digital signature plays an important role to provide data integrity, authentication and undeniability for electronic transactions. Group signatures, first introduced by Chaum and van Heyst in[14]. In such a scheme each group member of a given group is allowed to sign messages on behalf of the group in an anonymous and unlinkable way. A receiver only needs the unique group public key to check the validity of a group signature. In case of a dispute, group manager can reveal the identify the identity of the signer, while other group members neither can identify the identity of the signer nor determine whether multiple signature are produced by the same group member. With time, more security requirements were added, including unlinkability, unforgeability, collusion resistance [4], exculpability [4], and framing resistance [16]. Many practical schemes were presented, some with claims of proven security in the random oracle model [1]. However, it is often unclear what the schemes or claimed proofs in these works actually deliver in terms of security guarantees, due largely to the fact that the requirements are informal and sometimes ambiguous, not precisely specifying adversary capabilities and goals. It would be beneficial S. Katsikas, J. L´ opez, G. Pernul (Eds.): TrustBus 2005, LNCS 3592, pp. 185–194, 2005. c Springer-Verlag Berlin Heidelberg 2005


186

J. Zhang, J. Zou, and Y. Wang

in this context to have proper foundations, meaning strong formal definition and rigorously proven-secure schemes. Anonymity and unlinkability are two important properties of group signature. Because of the anonymity and unlinkability of group signature, their properties can hide the group internal structure for a verifier, while they can assure group manager to reveal the signer’s ident

Recommend Documents

Computational Modeling, Optimization and Manufacturing Simulation of Advanced Engineering Materials

226 28 13MB

Optimization in Engineering Models and Algorithms

211 10 7MB

Global Optimization in Engineering Design

172 36 30MB

Intelligent Computational Optimization in Engineering Techniques and

210 81 10MB

Modeling, Simulation, and Optimization

255 83 4MB

New Optimization Techniques in Engineering

181 62 11MB

Numerical Modeling in Materials Science and Engineering

248 59 65MB

Model Development and Optimization for Space Engineering: Concepts, Tools, Applications, and Perspectives

157 39 368KB

Mathematical Modeling in Materials Science and Engineering

258 103 1MB

Nonlinear Regression Analysis by Global Optimization: A Case Study in Space Engineering

144 13 541KB

Statistical Space-Time Modeling

173 14 239KB

Modeling and Optimization in Green Logistics

149 79 4MB