Paper 2003/194

Security Analysis of Several Group Signature Schemes

Guilin Wang

Abstract

At Eurocrypt'91, Chaum and van Heyst introduced the concept of group signature. In such a scheme, each group member is allowed to sign messages on behalf of a group anonymously. However, in case of later disputes, a designated group manager can open a group signature and identify the signer. In recent years, researchers have proposed a number of new group signature schemes and improvements with different levels of security. In this paper, we present a security analysis of five group signature schemes proposed in [25,27,18,30,10]. By using the same method, we successfully identify several universally forging attacks on these schemes. In our attacks, anyone (not necessarily a group member) can forge valid group signatures on any messages such that the forged signatures cannot be opened by the group manager. We also discuss the linkability of these schemes, and further explain why and how we find the attacks.

Metadata
Available format(s)
PDF PS
Category
Public-key cryptography
Publication info
Published elsewhere. A compressed version of this paper appears in INDOCRYPT 2003, LNCS 2904, pp. 252-265. Springer-Verlag, 2003.
Keywords
digital signaturegroup signatureforgerycryptanalysis.
Contact author(s)
glwang @ i2r a-star edu sg
History
2004-04-12: last of 10 revisions
2003-09-22: received
See all versions
Short URL
https://ia.cr/2003/194
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2003/194,
      author = {Guilin Wang},
      title = {Security Analysis of Several Group Signature Schemes},
      howpublished = {Cryptology ePrint Archive, Paper 2003/194},
      year = {2003},
      note = {\url{https://eprint.iacr.org/2003/194}},
      url = {https://eprint.iacr.org/2003/194}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.