A number of group signature schemes have been proposed to-date. However, in order for the whole group signature concept to become practical and credible, the problem of secure and efficient group member revocation must be addressed. In this paper, we construct a new revocation method for group signatures based on the signature scheme by Ateniese et al. at Crypto 2000. This new method represents an advance in the state-of-the-art since the only revocation schemes proposed thus far are either: 1) based on implicit revocation and the use of fixed time periods, or 2) require the signature size to be linear in the number of revoked members. Our method, in contrast, does not rely on time periods, offers constant-length signatures and constant work for the signer.
Category / Keywords: public-key cryptography / Group signatures, revocation, dynamic groups Publication Info: Financial Cryptography 2002, February 2002, Hamilton, Bermuda. Date: received 20 Nov 2001, last revised 1 Apr 2002 Contact author: gts at ics uci edu Available format(s): PDF | BibTeX Citation Version: 20020402:001053 (All versions of this report) Short URL: ia.cr/2001/101 Discussion forum: Show discussion | Start new discussion