On the Linkability of Some Group Signature Schemes

Hung Min Sun, Her Tyan Yeh, Tzone-Lih Hwang

研究成果: Article

摘要

A group signature scheme is a digital signature scheme that allows a group member to sign messages anonymously on behalf of the group. Recently, Tseng and Jan proposed two group signature schemes based on self-certified and ID-based public keys respectively. However, these two schemes were shown to be insecure against forgery due to Joye et al. Later, Sun et al. showed that Tseng and Jan's self-certified group signature scheme is linkable. In this paper, we first point out that the proposed linking equation, which is used to check the linkability of Tseng and Jan's self-certified scheme, cannot work because the inverse problem of RSA is hard. A repaired linking equation is consequently proposed to fix this problem. Then, we show that Tseng and Jan's ID-based scheme is still linkable because given any two valid group signatures it is easy to decide whether these two group signatures are generated by the same group member or not.

原文English
頁(從 - 到)85-94
頁數10
期刊Informatica
14
發行號1
出版狀態Published - 2003 一月 1

指紋

Group Signature
Electronic document identification systems
Group Scheme
Signature Scheme
Inverse problems
Identity-based
Linking
Digital Signature
Public key
Inverse Problem
Valid

All Science Journal Classification (ASJC) codes

  • Information Systems
  • Applied Mathematics

引用此文

Sun, Hung Min ; Yeh, Her Tyan ; Hwang, Tzone-Lih. / On the Linkability of Some Group Signature Schemes. 於: Informatica. 2003 ; 卷 14, 編號 1. 頁 85-94.
@article{ce1bdee943f7478fb94ba777f3e2d504,
title = "On the Linkability of Some Group Signature Schemes",
abstract = "A group signature scheme is a digital signature scheme that allows a group member to sign messages anonymously on behalf of the group. Recently, Tseng and Jan proposed two group signature schemes based on self-certified and ID-based public keys respectively. However, these two schemes were shown to be insecure against forgery due to Joye et al. Later, Sun et al. showed that Tseng and Jan's self-certified group signature scheme is linkable. In this paper, we first point out that the proposed linking equation, which is used to check the linkability of Tseng and Jan's self-certified scheme, cannot work because the inverse problem of RSA is hard. A repaired linking equation is consequently proposed to fix this problem. Then, we show that Tseng and Jan's ID-based scheme is still linkable because given any two valid group signatures it is easy to decide whether these two group signatures are generated by the same group member or not.",
author = "Sun, {Hung Min} and Yeh, {Her Tyan} and Tzone-Lih Hwang",
year = "2003",
month = "1",
day = "1",
language = "English",
volume = "14",
pages = "85--94",
journal = "Informatica",
issn = "0868-4952",
publisher = "IOS Press",
number = "1",

}

Sun, HM, Yeh, HT & Hwang, T-L 2003, 'On the Linkability of Some Group Signature Schemes', Informatica, 卷 14, 編號 1, 頁 85-94.

On the Linkability of Some Group Signature Schemes. / Sun, Hung Min; Yeh, Her Tyan; Hwang, Tzone-Lih.

於: Informatica, 卷 14, 編號 1, 01.01.2003, p. 85-94.

研究成果: Article

TY - JOUR

T1 - On the Linkability of Some Group Signature Schemes

AU - Sun, Hung Min

AU - Yeh, Her Tyan

AU - Hwang, Tzone-Lih

PY - 2003/1/1

Y1 - 2003/1/1

N2 - A group signature scheme is a digital signature scheme that allows a group member to sign messages anonymously on behalf of the group. Recently, Tseng and Jan proposed two group signature schemes based on self-certified and ID-based public keys respectively. However, these two schemes were shown to be insecure against forgery due to Joye et al. Later, Sun et al. showed that Tseng and Jan's self-certified group signature scheme is linkable. In this paper, we first point out that the proposed linking equation, which is used to check the linkability of Tseng and Jan's self-certified scheme, cannot work because the inverse problem of RSA is hard. A repaired linking equation is consequently proposed to fix this problem. Then, we show that Tseng and Jan's ID-based scheme is still linkable because given any two valid group signatures it is easy to decide whether these two group signatures are generated by the same group member or not.

AB - A group signature scheme is a digital signature scheme that allows a group member to sign messages anonymously on behalf of the group. Recently, Tseng and Jan proposed two group signature schemes based on self-certified and ID-based public keys respectively. However, these two schemes were shown to be insecure against forgery due to Joye et al. Later, Sun et al. showed that Tseng and Jan's self-certified group signature scheme is linkable. In this paper, we first point out that the proposed linking equation, which is used to check the linkability of Tseng and Jan's self-certified scheme, cannot work because the inverse problem of RSA is hard. A repaired linking equation is consequently proposed to fix this problem. Then, we show that Tseng and Jan's ID-based scheme is still linkable because given any two valid group signatures it is easy to decide whether these two group signatures are generated by the same group member or not.

UR - http://www.scopus.com/inward/record.url?scp=0141755216&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=0141755216&partnerID=8YFLogxK

M3 - Article

AN - SCOPUS:0141755216

VL - 14

SP - 85

EP - 94

JO - Informatica

JF - Informatica

SN - 0868-4952

IS - 1

ER -