International Association for Cryptologic Research

International Association
for Cryptologic Research


Paper: Accumulating Composites and Improved Group Signing

Gene Tsudik
Shouhuai Xu
Search ePrint
Search Google
Abstract: Constructing practical and provably secure group signature schemes has been a very active research topic in recent years. A group signature can be viewed as a digital signature with certain extra properties. Notably, anyone can verify that a signature is generated by a legitimate group member, while the actual signer can only be identified (and linked) by a designated entity called a group manager. Currently, the most efficient group signature scheme available is due to Camenisch and Lysyanskaya \cite{CL02}. It is obtained by integrating a novel dynamic accumulator with the scheme by Ateniese, et al. \cite{ACJT00}. In this paper, we construct a dynamic accumulator that accumulates \emph{composites}, as opposed to previous accumulators that accumulated \emph{primes}. We also present an efficient method for proving knowledge of factorization of a committed value. Based on these (and other) techniques we design a novel provably secure group signature scheme. It operates in the \emph{common auxiliary string} model and offers two important benefits: 1) the {\sf Join} process is very efficient: a new member computes only a single exponentiation, and 2) the (unoptimized) cost of generating a group signature is 17 exponentiations which is appreciably less than the state-of-the-art.
  title={Accumulating Composites and Improved Group Signing},
  booktitle={IACR Eprint archive},
  keywords={applications / Accumulator, group signature, identity escrow},
  note={ 12202 received 30 May 2003},
  author={Gene Tsudik and Shouhuai Xu},