Get Shorty via Group Signatures without Encryption

Patrik Bichsel, Jan Camenisch, Gregory Neven, Nigel Smart, Bogdan Warinschi

Research output: Chapter in Book/Report/Conference proceedingConference Contribution (Conference Proceeding)

58 Citations (Scopus)


Group signatures allow group members to anonymously sign messages in the name of a group such that only a dedicated opening authority can reveal the exact signer behind a signature. In many of the target applications, for example in sensor networks or in vehicular communication networks, bandwidth and computation time are scarce resources and many of the existent constructions simply cannot be used. Moreover, some of the most efficient schemes only guarantee anonymity as long as no signatures are opened, rendering the opening functionality virtually useless. In this paper, we propose a group signature scheme with the shortest known signature size and favorably comparing computation time, whilst still offering a strong and practically relevant security level that guarantees secure opening of signatures, protection against a cheating authority, and support for dynamic groups. Our construction departs from the popular sign-and-encrypt-and-prove paradigm, which we identify as one source of inefficiency. In particular, our proposal does not use standard encryption and relies on re-randomizable signature schemes that hide the signed message so as to preserve the anonymity of signers. Security is proved in the random oracle model assuming the XDDH, LRSW and SDLP assumptions and the security of an underlying digital signature scheme. Finally, we demonstrate how our scheme yields a group signature scheme with verifier-local revocation.
Translated title of the contributionGet Shorty via Group Signatures without Encryption
Original languageEnglish
Title of host publicationSecurity and Cryptography for Networks - SCN 2010
PublisherSpringer Berlin Heidelberg
Publication statusPublished - 2010

Bibliographical note

Other page information: 381-398
Conference Proceedings/Title of Journal: Security and Cryptography for Networks - SCN 2010
Other identifier: 2001254

Fingerprint Dive into the research topics of 'Get Shorty via Group Signatures without Encryption'. Together they form a unique fingerprint.

Cite this