Abstract
The group signature scheme is an important primitive in cryptography, it allows members in a group to generate signatures anonymously on behalf of the whole group. In view of the practical application of such schemes, it is necessary to allow users’ registration and revocation when necessary, which makes the construction of dynamic group signature schemes become a significant direction. On the basis of (Ling et al., Lattice-based group signatures: achieving full dynamicity with ease, 2017), we present the first full dynamic group signature scheme over ring, and under the premise of ensuring security, the efficiency of the scheme is improved mainly from the following three aspects: the size of keys, the dynamic construction of a Merkle hash tree that used to record the information of registered users, and the reuse of the leaves in this tree. In addition, the public and secret keys of both group manager and trace manager are generated by a trusted third party, which prevents the situation that the two managers generate their respective public key and secret key maliciously. Compared with the counterpart of the scheme in (Ling et al., Lattice-based group signatures: achieving full dynamicity with ease, 2017) over ring, the expected space complexity of the Merkle tree used in our work down almost by half, and the computational complexity of its update has been reduced by a notch because of the dynamic construction of the hash tree.
Highlights
The concept of group signature scheme was proposed by Chaum and van Heyst (1991), which allows and only allows members in a group to sign messages anonymously on behalf of the whole group, and the generated signature would reveals nothing about the identity of the signer
The trace manager can use its secret key to open the signature to trace the identity of the signer, which avoids the unnecessary disputes
Most of the constructions of group signature schemes are static (Boneh et al 2004; Camenisch and Lysyanskaya 2004; Nguyen and Naini 2004; Furukawa and Yonezawa 2004), namely the members in a group and its size are all fixed in the setup phase, no changes about these parameters would appear during the subsequent operations in the scheme
Summary
The concept of group signature scheme was proposed by Chaum and van Heyst (1991), which allows and only allows members in a group to sign messages anonymously on behalf of the whole group, and the generated signature would reveals nothing about the identity of the signer. Revoke(gpk, S, msk, reg, infoτ ) → infoτnew : Given the revocation list S, for any i ∈ S, the group manager GMupdate runs algorithm TUpdate bin(i), 0k to update the Merkle hash tree, the registered user list reg and the group information infoτnew .
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
