Group signature

Group signature

A Group signature scheme is a method for allowing a member of a group to anonymously sign a message on behalf of the group. The concept was first introduced by David Chaum and Eugene van Heyst in 1991. For example, a group signature scheme could be used by an employee of a large company where it is sufficient for a verifier to know a message was signed by an employee, but not the particular employee who signed it. Another application is for keycard access to restricted areas where it is inappropriate to track individual employee's movements, but necessary to secure areas to only employees in the group.

Essential to a group signature scheme is a "group manager", who is in charge of adding group members and has the ability to reveal the original signer in the event of disputes. In some systems the responsibilities of adding members and revoking signature anonymity are separated and given to a membership manager and revocation manager respectively. Many schemes have been proposed, however all should follow these basic requirements:

*Soundness and Completeness: Valid signatures by group members always verify correctly, and invalid signatures always fail verification.
*Unforgeable: Only members of the group can create valid group signatures.
*Signer ambiguous: Given a message and its signature, the identity of the individual signer cannot be determined without the revocation manager's secret key.
*Unlinkability: Given two messages and their signatures, we cannot tell if the signatures were from the same signer or not.
*No Framing: Even if all other group members (and the managers) collude, they cannot forge a signature for a non-participating group member.
*Unforgeable tracing verification: The revocation manager cannot falsely accuse a signer of creating a signature he did not create.

The ACJT 2000, BBS04 (in Crypto), BS04 (in CCS) group signature schemes are the state of the art. (Note: this might be an incomplete list)

A more formal definition that is geared towards provable security was given by Bellare, Micciancio and Warinschi.

See also

*Ring signature: A similar system that excludes the requirement of a group manager and provides true anonymity for signers.

References

* cite conference
author=D. Chaum and E. van Heyst
title=Group signatures
booktitle=Advances in Cryptology — EUROCRYPT ’91, volume 547 of Lecture Notes in Computer Science
year=1991
pages=257-265
* J. Camenisch, M. Michels. "A Group Signature Scheme Based on an RSA-Variant". 1998 (http://www.brics.dk/RS/98/27/BRICS-RS-98-27.pdf)

* M. Bellare, H. Shi and C. Zhang. "Foundations of Group Signatures: The Case of Dynamic Groups". Topics in Cryptology - CT-RSA 2005 Proceedings, Lecture Notes in Computer Science Vol. 3376, A. Menezes ed, Springer-Verlag, 2005. (http://www-cse.ucsd.edu/users/mihir/papers/dgs.html)

* M. Bellare, D. Micciancio and B. Warinschi. "Foundations of Group Signatures: Formal Definitions, Simplified Requirements, and a Construction Based on General Assumptions". Advances in Cryptology - Eurocrypt 2003 Proceedings, Lecture Notes in Computer Science Vol. 2656, E. Biham ed, Springer-Verlag, 2003. (http://www-cse.ucsd.edu/users/mihir/papers/gs.html)


Wikimedia Foundation. 2010.

Игры ⚽ Поможем сделать НИР

Look at other dictionaries:

  • Signature numérique — Pour les articles homonymes, voir Signature (homonymie). La signature numérique (parfois appelée signature électronique) est un mécanisme permettant de garantir l intégrité d un document électronique et d en authentifier l auteur, par analogie… …   Wikipédia en Français

  • Signature Box — Kompilationsalbum von John Lennon Veröffentlichung 1. Oktober 2010 Label EMI Group …   Deutsch Wikipedia

  • Signature (mathematics) — In mathematics, signature can refer to*The signature of a permutation is ±1 according to whether it is an even/odd permutation. The signature function defines a group homomorphism from the symmetric group to the group {±1}. *The signature of a… …   Wikipedia

  • Signature (disambiguation) — A signature is a hand written, stylized version of someone s name.Signature may also mean: NOTOC In computers*Signature block, text automatically appended at the bottom of an e mail message, Usenet article, or forum post. *Method signature, in… …   Wikipedia

  • Signature of a knot — The signature of a knot is a topological invariant in knot theory. It may be computed from the Seifert surface.Given a knot K in the 3 sphere, it has a Seifert surface S whose boundary is K . The Seifert form of S is the pairing phi : H 1(S) imes …   Wikipedia

  • Signature song — A signature song is the one song (or, in some cases, one of a few songs) that a popular and well established singer or band, is most closely identified with, even if they have had success with a variety of songs. Signature songs are a marketing… …   Wikipedia

  • Signature (topology) — In mathematics, the signature of an oriented manifold M is defined when M has dimension d divisible by four. In that case, when M is connected and orientable, cup product gives rise to a quadratic form Q on the middle real cohomology group: H 2 n …   Wikipedia

  • Signature Theatres — Regal Entertainment Group Logo de Regal Entertainment Group Dates clés 1999 (Création à Knoxville, Tennessee) Personnages clés Philip Anschutz …   Wikipédia en Français

  • Group 90 — Infobox Art Group bgcolour = #6495ED name = Group 90 imagesize = caption = startdate = 1987 location = Lasalle SIA College of the Arts (Telok Kurau Campus) Singapore enddate = endplace = nationality = Singapore field = Figurative art, Figure… …   Wikipedia

  • signature — noun Etymology: Middle French or Medieval Latin; Middle French, from Medieval Latin signatura, from Latin signatus, past participle of signare to sign, seal Date: 1536 1. a. the act of signing one s name to something b. the name of a person… …   New Collegiate Dictionary

Share the article and excerpts

Direct link
Do a right-click on the link above
and select “Copy Link”