Paper 2018/1115

Group Signature without Random Oracles from Randomizable Signatures

Remi Clarisse and Olivier Sanders


Group signature is a central tool for privacy-preserving protocols, ensuring authentication, anonymity and accountability. It has been massively used in cryptography, either directly or through variants such as direct anonymous attestations. However, it remains a complex tool, especially if ones wants to avoid proving security in the random oracle model. In this work, we propose a new group signature scheme proven secure without random oracles which significantly decreases the complexity in comparison with the state-of-the-art. More specifically, we halve both the size and the computational cost compared to the most efficient alternative in the same model. Moreover, our construction is also competitive against the most efficient ones in the random oracle model. Our construction is based on a tailored combination of two popular signatures, which avoids the explicit use of encryption schemes or zero-knowledge proofs while signing. It is flexible enough to achieve security in different models and is thus suitable for most contexts.

Note: Our original title has been modified to avoid confusion with previous papers published with the same title. In the first versions of this paper, non-frameability was directly proved in the generic group model. We now introduce a new assumption and prove that it underlies the non-frameability of our construction.

Available format(s)
Cryptographic protocols
Publication info
Preprint. MINOR revision.
group signaturestandard model
Contact author(s)
olivier sanders @ orange com
2020-04-14: last of 4 revisions
2018-11-20: received
See all versions
Short URL
Creative Commons Attribution


      author = {Remi Clarisse and Olivier Sanders},
      title = {Group Signature without Random Oracles from Randomizable Signatures},
      howpublished = {Cryptology ePrint Archive, Paper 2018/1115},
      year = {2018},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.