Group-oriented Digital Signature

With the development of the information technology, the meaning of information security is enlarged, it means not only the physical security or communicate in privacy, but also the message's integrity, authentication, nonrepudiable, usability and so on. Among them, the authentication and the privacy are two important aspects, authentication does not provide the privacy and the privacy does not provide authentication automatically. The digital signature is the primary method to provide the authentication, it is one of the important aspect of research of modern cryptology.This paper mainly discusses three kind of group oriented digital signatures: Group signature, Ring signature and Threshold Proxy signature.In the business/government affairs or in our daily life, we often need to trust others to do something instead of us, it is a regular requirement to delegate our seal to others to sign instead of us. It can be view as a proxy signature of the president that the secretary of president stamps the president's seal on the student's diploma. In an information society, correspondingly, it is a significative subject to research the method of delegate the right of digital signature to others. A so-called proxy signature is that under the protocol between the orient signer and the proxy signer, the proxy signer can sign the message on the behalf of the orient signer when the orient signer is absence. In this paper, base on the others works, we present a new method to classify the proxy signatures in this paper, and then we discuss the conditions of the proxy signature and point out the relations between them. The threshold proxy signature is that the orient signer delegate his/her signing capability to a group, the group members use this right in a threshold method. In a (t, n) threshold proxy signature scheme, the original signer can delegate his/her signing capability to n proxy signers such that any t or more proxy signers can sign messages on behalf of the former, but t -1 or less of them can do nothing. A number of such schemes based on DLP have been suggested. However, there has still no a RSA-based threshold proxy signature scheme by now. It is an open question to construct threshold proxy signature scheme based RSA. Because of the importance of RSA system, it is necessary to build a RSA-based threshold proxy signature scheme. In this paper we construct a secure RSA-based threshold proxy signature scheme. All the secret parameters in this scheme are generated in distributed method.A group signature scheme allows members of a group to sign messages on behalf ofthe group. Signature can be verified with respect to a single group public key, but they do not reveal the identity of the signer. How ever, there exists a designated group manager who can, in case of a later dispute, open signatures, i.e., reveal the identity of the signer. Member deletion is one of the kittlest problems in group signature schemes. In the paper "A new solution scheme for the member deletion problem in group signature by use of renew operator", Wang shangping and Wang yumin give a new method to solve the problem, in 2003. In their solution, a new method of so called "renew operator" is used. But we point out that in their scheme, the member who had been deleted from group can still give out a group signature that can pass the verification successfully. Only when the group manager opens the signature, the signer's illegitimate identity can be uncovered, so there has some weakness in the security of their scheme.Ring signature, which makes it possible to specify a set of possible signers without revealing who actually produced the signature. Unlike group signatures, ring signatures have no group managers, no setup procedures, no revocation procedures, and no coordination: any user can choose any set of possible signers which includes himself, and sign any message by using his secret key and the others' public keys, without getting their approval or assistance. Ring signatures provide a way to leak authoritative secrets in an anonymous way. This paper firstly introduces the situation and the progress of the research about ring signature. For the (t, n) threshold ring signature scheme proposed by Wu et al. in Chinacrypt'2004, we point out that it does not satisfy the unlinkablity, we can learn whether two ring signatures have been issued by the same group member(s); also it does not satisfy the anonymity, the group member who has not concerned with the ring signature can prove that he did not produce the ring signature via a simple signature, that is, it reveals the real members who have produced ring signature.