Computer Engineering and Applications ›› 2013, Vol. 49 ›› Issue (2): 113-118.

Member ID-based group signature with online extractors

LIU Xin 1,2,3

  1. School of Information Engineering, Shandong Youth University of Political Science, Jinan 250014, China
  2. School of Computer Science and Technology, Shandong University, Jinan 250101, China
  3. Key Lab of Information Security and Intelligent Control in Universities of Shandong, Shandong Youth University of Political Science, Jinan 250103, China
  • Online: 2013-01-15 Published: 2013-01-16

Abstract: Identity-based group signature schemes (ID-based GS) are essentially group signatures with a further refinement of the tracing mechanism. In other words, ID-based GS enjoys the advantage that the users' membership public keys are tightly bound to their publicly known identifiers (e.g., IP address). However, the main complaints about existing ID-based GS designs are that they lack rigorous analysis in a formal security model, achieve only weakened security notions, and have low efficiency. A more practical ID-based GS is proposed by making use of the block messages signature over bilinear groups and the technique of non-interactive proofs of knowledge with online extractors. The proposal achieves two distinguishing features, i.e., the open authority can independently open a disputed signature and the registration procedure can be carried out concurrently. Moreover, the computational cost of the new scheme can be further reduced by using the techniques of iterated hash functions and batch verification.

Key words: member ID-based group signatures, non-interactive proofs of knowledge, online extractors, concurrent join, batch verification
