Abstract
A group signature scheme allows members of a possibly large group to sign messages anonymously on behalf of the group. Only a designated entity can determine the identity of the group member who issued a given signature. Group signatures, and particularly group blind signatures [28, 35] (which incorporate the properties of both blind signatures and group signatures), have many applications such as e-commerce.
In this paper, we first propose a new group signature scheme, suitable for large groups (i.e., the group’s public key and the signatures are fixed-size regardless of the number of members). Furthermore, we show how to use our group signature scheme to construct a practical privacy-protecting off-line electronic cash system. Our group signature scheme is more efficient than previous ones and the resulting electronic cash system is characterized by a high computational efficiency in the withdrawal protocol¹.
Then, we show some weaknesses in the design of an electronic cash system based on a group signature scheme [28, 35]². Finally, we describe some weaknesses of recently proposed group signature schemes [1, 2, 10, 28].
¹ Such a protocol involves a bank and a customer. The bank is the processing and communications bottleneck in such payment systems. Therefore, it is important to minimize the bank’s workload when it is involved.
² Our cash system avoids the weaknesses found in the (group signature based) anonymous payment system described in [28].
References
[1] G. Ateniese and G. Tsudik, Group signatures à la carte, ACM Symposium on Discrete Logarithms, (to appear) January 1999. Available at http://www.isi.edu/~gts/pubs.html.
[2] G. Ateniese and G. Tsudik, A coalition-resistant group signature, available as ISI Technical Report at: http://www.isi.edu/~gts/pubs.html.
[3] D. Boneh, The decision Diffie-Hellman problem, Proceedings of the third Algorithmic Number Theory Symposium, Lecture Notes in Computer Science, Vol. 1423, Springer-Verlag, pp. 48–63.
[4] S. Brands, An efficient off-line electronic cash system based on the representation problem, Technical Report CS-R9323, CWI, April 1993.
[5] S. Brands, Untraceable off-line cash in wallets with observers, Proceedings of CRYPTO’93, Lecture Notes in Computer Science, Vol. 773, Springer-Verlag, pp. 302–318.
[6] E. F. Brickell and J. M. DeLaurentis, An attack on a signature scheme proposed by Okamoto and Shiraishi, Proceedings of CRYPTO’85, Lecture Notes in Computer Science, Vol. 218, Springer-Verlag, pp. 28–32.
[7] J. Camenisch, Efficient and generalized group signatures, Proceedings of EUROCRYPT’97, Lecture Notes in Computer Science, Vol. 1233, Springer-Verlag, pp. 465–479.
[8] J. Camenisch and M. Michels, A group signature scheme with improved efficiency, Proceedings of ASIACRYPT’98, Lecture Notes in Computer Science, Vol. 1514, Springer-Verlag, pp. 160–174.
[9] J. Camenisch and M. Michels, A group signature scheme with improved efficiency. Revised extended abstract.
[10] J. Camenisch and M. Stadler, Efficient group signatures for large groups, Proceedings of CRYPTO’97, Lecture Notes in Computer Science, Vol. 1296, Springer-Verlag, pp. 410–424.
[11] A. Chan, Y. Frankel, and Y. Tsiounis, Easy come-easy go divisible cash, Proceedings of EUROCRYPT’98, Lecture Notes in Computer Science, Vol. 1403, Springer-Verlag, pp. 561–575.
[12] A. Chan, Y. Frankel, and Y. Tsiounis, Easy come-easy go divisible cash. Updated version with corrections on the Range Bounded Commitment protocol. Available at http://www.ccs.neu.edu/home/yiannis/pubs.html.
[13] D. Chaum, Blind signatures for untraceable payments, Proceedings of CRYPTO’82, Plenum Press, 1983, pp. 199–203.
[14] D. Chaum, Blind signature systems, Proceedings of CRYPTO’83, Plenum Press, 1984, page 153.
[15] D. Chaum, A. Fiat and M. Naor, Untraceable electronic cash, Proceedings of CRYPTO’88, Lecture Notes in Computer Science, Vol. 403, Springer-Verlag, pp. 319–327.
[16] D. Chaum and T. Pedersen, Wallet databases with observers, Proceedings of CRYPTO’92, Lecture Notes in Computer Science, Vol. 740, Springer-Verlag, pp. 89–105.
[17] D. Chaum and E. van Heijst, Group signatures, Proceedings of EUROCRYPT’91, Lecture Notes in Computer Science, Vol. 547, Springer-Verlag, pp. 257–265.
[18] L. Chen and T. Pedersen, New group signature schemes, Proceedings of EUROCRYPT’94, Lecture Notes in Computer Science, Vol. 950, Springer-Verlag, pp. 171–181.
[19] U. Feige, A. Fiat and A. Shamir, Zero-knowledge proofs of identity, Journal of Cryptology, 1(2), pp. 77–94, 1988.
[20] A. Fiat and A. Shamir, How to prove yourself, Proceedings of CRYPTO’86, Lecture Notes in Computer Science, Vol. 263, Springer-Verlag, pp. 186–194.
[21] E. Fujisaki and T. Okamoto, Statistical zero knowledge protocols to prove modular polynomial relations, Proceedings of CRYPTO’97, Lecture Notes in Computer Science, Vol. 1294, Springer-Verlag, pp. 16–30.
[22] R. Gennaro, H. Krawczyk, and T. Rabin, RSA-based undeniable signatures, Proceedings of CRYPTO’97, Lecture Notes in Computer Science, Vol. 1294, Springer-Verlag, pp. 231–234.
[23] R. Gennaro, H. Krawczyk and T. Rabin, RSA-based undeniable signatures, Final version. Available at http://www.research.ibm.com/security/papers1997.html.
[24] R. Gennaro, D. Micciancio, and T. Rabin, An efficient non-interactive statistical zero-knowledge proof system for quasi-safe prime products. To appear in the Proceedings of the Fifth ACM Conference on Computer and Communications Security, 1998.
[25] M. Girault and J.F. Misarsky, Selective forgery of RSA signatures using redundancy, Proceedings of EUROCRYPT’97, Lecture Notes in Computer Science, Vol. 1233, Springer-Verlag, pp. 495–507.
[26] M. Girault, P. Toffin, and B. Vallée, Computations of approximate L-th roots modulo n and application to cryptography, Proceedings of CRYPTO’88, Lecture Notes in Computer Science, Vol. 403, Springer-Verlag, pp. 100–117.
[27] L.C. Guillou, J.J. Quisquater, M. Walker, P. Landrock, and C. Shaer, Precautions taken against various potential attacks in ISO/IEC DIS 9796, Digital signature scheme giving message recovery, Proceedings of EUROCRYPT’90, Lecture Notes in Computer Science, Vol. 473, Springer-Verlag, pp. 465–473.
[28] A. Lysyanskaya and Z. Ramzan, Group blind digital signatures: A scalable solution to electronic cash, Proceedings of the 2nd Financial Cryptography conference, Anguilla, BWI, February 98. Springer-Verlag. To appear.
[29] J. F. Misarsky, A multiplicative attack using LLL algorithm on RSA signatures with redundancy, Proceedings of CRYPTO’97, Lecture Notes in Computer Science, Vol. 1294, Springer-Verlag, pp. 231–234.
[30] J.F. Misarsky, How (not) to design RSA signatures schemes, Proceedings of PKC’98, Lecture Notes in Computer Science, Vol. 1431, Springer-Verlag, pp. 14–28.
[31] T. Okamoto, Provably secure and practical identification schemes and corresponding signature schemes, Proceedings of CRYPTO’92, Lecture Notes in Computer Science, Vol. 740, Springer-Verlag, pp. 31–53.
[32] T. Okamoto and K. Ohta, Disposable zero-knowledge authentications and their applications to untraceable electronic cash, Proceedings of CRYPTO’89, Lecture Notes in Computer Science, Vol. 435, Springer-Verlag, pp. 481–497.
[33] T. Okamoto and A. Shiraishi, A fast signature scheme based on quadratic inequalities, Proceedings of IEEE Symposium on Security and Privacy, pp. 123–132, 1985.
[34] H. Petersen, How to convert any digital signature scheme into a group signature scheme. In Security Protocols Workshop, Paris, 1997.
[35] Z. Ramzan, Group blind signatures à la carte, unpublished, available at http://theory.lcs.mit.edu/~zulfikar/homepage.html.
[36] M. Stadler. Cryptographic protocols for revocable privacy, PhD thesis, ETH Zürich, 1996. Diss. ETH No. 11651.
[37] Y. Tsiounis, Efficient electronic cash: new notions and techniques. PhD thesis, College of Computer Science, Northeastern University, Boston, MA, 1997. Available at http://www.ccs.neu.edu/home/yiannis/pubs.html.
[38] Y. Tsiounis, Personal communication.
[39] B. Vallée, M. Girault, and P. Toffin, How to guess 1-th roots modulo n by reducing lattice bases, AAECC-6, Lecture Notes in Computer Science, Vol. 357, Springer-Verlag, pp. 427–442.
[40] S.S. Wagstaff Jr, Greatest of the Least Primes in Arithmetic Progression Having a given modulus, Mathematics of computation, 33(147), pp. 1073–1080.
Copyright information
© 1999 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Traoré, J. (1999). Group Signatures and Their Relevance to Privacy-Protecting Offline Electronic Cash Systems. In: Pieprzyk, J., Safavi-Naini, R., Seberry, J. (eds) Information Security and Privacy. ACISP 1999. Lecture Notes in Computer Science, vol 1587. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-48970-3_19
DOI: https://doi.org/10.1007/3-540-48970-3_19
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-65756-9
Online ISBN: 978-3-540-48970-2
eBook Packages: Springer Book Archive