Forward-secure group signatures from pairings

Toru Nakanishi, Yuta Hira, Nobuo Funabiki

Research output: Contribution to journalArticlepeer-review


To reduce the damage of key exposures, forward-secure group signature schemes have been first proposed by Song. In the forwardsecure schemes, a secret key of a group member is updated by a one-way function every interval and the previous secret key is erased. Thus, even if a secret key is exposed, the signatures produced by the secret keys of previous intervals remain secure. Since the previous forward-secure group signature schemes are based on the strong RSA assumption, the signatures are longer than pairing-based group signatures. In addition, the complexity of the key update or signing/verification is O(T), where T is the total number of intervals. In this paper, a forward-secure group signature scheme from pairings is proposed. The complexity of our key update and signing/ verification is O(log T).

Original languageEnglish
Pages (from-to)2007-2016
Number of pages10
JournalIEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences
Issue number11
Publication statusPublished - Nov 2010


  • Anonymity
  • Forward-security
  • Group signatures
  • Pairings

ASJC Scopus subject areas

  • Signal Processing
  • Computer Graphics and Computer-Aided Design
  • Electrical and Electronic Engineering
  • Applied Mathematics


Dive into the research topics of 'Forward-secure group signatures from pairings'. Together they form a unique fingerprint.

Cite this