Paper 2004/311

Hierarchical Group Signatures

Marten Trolin and Douglas Wikstrom


We introduce the notion of \emph{hierarchical group signatures}. This is a proper generalization of group signatures, which allows multiple group managers organized in a tree with the signers as leaves. For a signer that is a leaf of the subtree of a group manager, the group manager learns which of its children that (perhaps indirectly) manages the signer. We provide definitions for the new notion and construct a scheme that is provably secure given the existence of a family of trapdoor permutations. We also present a construction which is relatively practical, and prove its security in the random oracle model under the strong RSA assumption and the DDH assumption.

Note: The notion of cross-indistinguishability in the first version matches anonymity / key-privacy by Bellare (Asiacrypt 2001), which is now referenced. Added efficiency analysis. Corrected minor mistakes.

Available format(s)
Cryptographic protocols
Publication info
Published elsewhere. Presented at ICALP 2005. This is the full version.
group signatures
Contact author(s)
marten @ nada kth se
2005-04-08: last of 2 revisions
2004-11-16: received
See all versions
Short URL
Creative Commons Attribution


      author = {Marten Trolin and Douglas Wikstrom},
      title = {Hierarchical Group Signatures},
      howpublished = {Cryptology ePrint Archive, Paper 2004/311},
      year = {2004},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.