A Non-interactive Public-Key Distribution System
Designs, Codes and Cryptography
A novel ID-based group signature
Information Sciences—Informatics and Computer Science: An International Journal
Identity-Based and Self-Certified Key-Exchange Protocols
ACISP '97 Proceedings of the Second Australasian Conference on Information Security and Privacy
Efficient Group Signature Schemes for Large Groups (Extended Abstract)
CRYPTO '97 Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology
Modified Maurer-Yacobi`s scheme and its applications
ASIACRYPT '92 Proceedings of the Workshop on the Theory and Application of Cryptographic Techniques: Advances in Cryptology
How to Convert any Digital Signature Scheme into a Group Signature Scheme
Proceedings of the 5th International Workshop on Security Protocols
Efficient and generalized group signatures
EUROCRYPT'97 Proceedings of the 16th annual international conference on Theory and application of cryptographic techniques
| Hi-index | 0.00 |
A group signature scheme is a digital signature scheme that allows a group member to sign messages anonymously on behalf of the group. Recently, Tseng and Jan proposed two group signature schemes based on self-certified and ID-based public keys respectively. However, these two schemes were shown to be insecure against forgery due to Joye et al. Later, Sun et al. showed that Tseng and Jan's self-certified group signature scheme is linkable. In this paper, we first point out that the proposed linking equation, which is used to check the linkability of Tseng and Jan's self-certified scheme, cannot work because the inverse problem of RSA is hard. A repaired linking equation is consequently proposed to fix this problem. Then, we show that Tseng and Jan's ID-based scheme is still linkable because given any two valid group signatures it is easy to decide whether these two group signatures are generated by the same group member or not.