Revocable group signature schemes with constant costs for signing and verifying

Toru Nakanishi; Hiroki Fujii; Yuta Hira; Nobuo Funabiki

doi:10.1587/transfun.E93.A.50

Revocable group signature schemes with constant costs for signing and verifying

Toru Nakanishi, Hiroki Fujii, Yuta Hira, Nobuo Funabiki

School of Engineering

Research output: Contribution to journal › Article › peer-review

12 Citations (Scopus)

Abstract

Lots of revocable group signature schemes have been proposed so far. In one type of revocable schemes, signing and/or verifying algorithms have O(N) or O(R) complexity, where N is the group size and R is the number of revoked members. On the other hand, in Camenisch-Lysyanskaya scheme and the followers, signing and verifying algorithms have O(1) complexity. However, before signing, the updates of the secret key are required. The complexity is O(R) in the worst case. In this paper, we propose a revocable scheme with signing and verifying of O(1) complexity, where any update of secret key is not required. The compensation is the long public key of O(N). In addition, we extend it to the scheme with O(√N)-size public key, where signing and verifying have constant extra costs.

Original language	English
Pages (from-to)	50-62
Number of pages	13
Journal	IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences
Volume	E93-A
Issue number	1
DOIs	https://doi.org/10.1587/transfun.E93.A.50
Publication status	Published - Jan 2010

Keywords

Anonymity
Group signatures
Pairings
Revocations

ASJC Scopus subject areas

Signal Processing
Computer Graphics and Computer-Aided Design
Electrical and Electronic Engineering
Applied Mathematics

Access to Document

10.1587/transfun.E93.A.50

Cite this

@article{a976ca2a3b2e4b57ada86cc42e66121e,

title = "Revocable group signature schemes with constant costs for signing and verifying",

abstract = "Lots of revocable group signature schemes have been proposed so far. In one type of revocable schemes, signing and/or verifying algorithms have O(N) or O(R) complexity, where N is the group size and R is the number of revoked members. On the other hand, in Camenisch-Lysyanskaya scheme and the followers, signing and verifying algorithms have O(1) complexity. However, before signing, the updates of the secret key are required. The complexity is O(R) in the worst case. In this paper, we propose a revocable scheme with signing and verifying of O(1) complexity, where any update of secret key is not required. The compensation is the long public key of O(N). In addition, we extend it to the scheme with O(√N)-size public key, where signing and verifying have constant extra costs.",

keywords = "Anonymity, Group signatures, Pairings, Revocations",

author = "Toru Nakanishi and Hiroki Fujii and Yuta Hira and Nobuo Funabiki",

year = "2010",

month = jan,

doi = "10.1587/transfun.E93.A.50",

language = "English",

volume = "E93-A",

pages = "50--62",

journal = "IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences",

issn = "0916-8508",

publisher = "Maruzen Co., Ltd/Maruzen Kabushikikaisha",

number = "1",

}

TY - JOUR

T1 - Revocable group signature schemes with constant costs for signing and verifying

AU - Nakanishi, Toru

AU - Fujii, Hiroki

AU - Hira, Yuta

AU - Funabiki, Nobuo

PY - 2010/1

Y1 - 2010/1

N2 - Lots of revocable group signature schemes have been proposed so far. In one type of revocable schemes, signing and/or verifying algorithms have O(N) or O(R) complexity, where N is the group size and R is the number of revoked members. On the other hand, in Camenisch-Lysyanskaya scheme and the followers, signing and verifying algorithms have O(1) complexity. However, before signing, the updates of the secret key are required. The complexity is O(R) in the worst case. In this paper, we propose a revocable scheme with signing and verifying of O(1) complexity, where any update of secret key is not required. The compensation is the long public key of O(N). In addition, we extend it to the scheme with O(√N)-size public key, where signing and verifying have constant extra costs.

AB - Lots of revocable group signature schemes have been proposed so far. In one type of revocable schemes, signing and/or verifying algorithms have O(N) or O(R) complexity, where N is the group size and R is the number of revoked members. On the other hand, in Camenisch-Lysyanskaya scheme and the followers, signing and verifying algorithms have O(1) complexity. However, before signing, the updates of the secret key are required. The complexity is O(R) in the worst case. In this paper, we propose a revocable scheme with signing and verifying of O(1) complexity, where any update of secret key is not required. The compensation is the long public key of O(N). In addition, we extend it to the scheme with O(√N)-size public key, where signing and verifying have constant extra costs.

KW - Anonymity

KW - Group signatures

KW - Pairings

KW - Revocations

UR - http://www.scopus.com/inward/record.url?scp=77950664929&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=77950664929&partnerID=8YFLogxK

U2 - 10.1587/transfun.E93.A.50

DO - 10.1587/transfun.E93.A.50

M3 - Article

AN - SCOPUS:77950664929

SN - 0916-8508

VL - E93-A

SP - 50

EP - 62

JO - IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences

JF - IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences

IS - 1

ER -

Revocable group signature schemes with constant costs for signing and verifying

Abstract

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this