Japanese
|
Top | | Introduction | | Members | | Activities | | Call for Paper | | Link | |
Japanese
|
|
In 1991, Chaum presented a new type of digital signature, called a group
signature, allows a group member to sign messages anonymously on behalf
of the group. The previous group signature schemes are classified two types, a public-key-registration type, and a certification type. In the former type, the group public key is a list of group member's public keys, so both a group public key and the signature size depend on the number of group members. However, it is easy to revoke a group member by removing the public key from a group public key. By using a renewal group public key, a signature generated by a revoked group member does not pass the verification. In the latter type, we verify the membership of a signer by using the membership certificate. Therefore, both a group public key and signature size do not depend on the number of group members. However, it is troublesome to revoke a group member because they have distributed certificates. In a certification type, it is necessary for GM to issue a black list of revoked members, and for us to check the black list in each verification. The size of black list depends on the number of revoked members, which is used in both of signature generation and verification, and thus the signature size and the computation amount of signature generation and verification depend on number of revoked member. We propose a new group signature with efficient revocation. Our scheme does not need black list, and neither the signature size nor the computation amount of both signature generation and verification depend on the number of revoked members or group members. |
|
[ back ] |