Paper 2005/385

Practical Group Signatures without Random Oracles

Giuseppe Ateniese, Jan Camenisch, Susan Hohenberger, and Breno de Medeiros


We provide a construction for a group signature scheme that is provably secure in a universally composable framework, within the standard model with trusted parameters. Our proposed scheme is fairly simple and its efficiency falls within small factors of the most efficient group signature schemes with provable security in any model (including random oracles). Security of our constructions require new cryptographic assumptions, namely the Strong LRSW, EDH, and Strong SXDH assumptions. Evidence for any assumption we introduce is provided by proving hardness in the generic group model. Our second contribution is the first definition of security for group signatures based on the simulatability of real protocol executions in an ideal setting that captures the basic properties of unforgeability, anonymity, unlinkability, and exculpability for group signature schemes.

Available format(s)
Publication info
Published elsewhere. Unknown where it was published
Group signaturesrandom oraclesstandard modelgroup signature security definitionideal functionality.
Contact author(s)
jca @ zurich ibm com
2006-08-24: last of 4 revisions
2005-10-24: received
See all versions
Short URL
Creative Commons Attribution


      author = {Giuseppe Ateniese and Jan Camenisch and Susan Hohenberger and Breno de Medeiros},
      title = {Practical Group Signatures without Random Oracles},
      howpublished = {Cryptology ePrint Archive, Paper 2005/385},
      year = {2005},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.