摘要
Up to now, how to construct an efficient secure group signature scheme, which needs not to reset the system when some group members' signing keys are exposed, is still a difficult problem. A construction concerning revocation of group members is an ideal one if it satisfies forward security which makes it more attractive for not sacrificing the security of past signatures of deleted members. This paper analyses the problem and gives a construction in which the group manager can be un-trustworthy. The scheme is efficient even when the number of revoked members is large.
Up to now, how to construct an efficient secure group signature scheme, which needs not to reset the system when some group members' signing keys are exposed, is still a difficult problem. A construction concerning revocation of group members is an ideal one if it satisfies forward security which makes it more attractive for not sacrificing the security of past signatures of deleted members. This paper analyses the problem and gives a construction in which the group manager can be untrustworthy. The scheme is efficient even when the number of revoked members is large.
基金
the National Natural Science Foundation of China (No.60673081)
the National Grand Foundation Research 863 Program of China (No.2006 AA01Z417).
