Revocable group signature schemes with constant costs for signing and verifying

Toru Nakanishi, Hiroki Fujii, Yuta Hira, Nobuo Funabiki

Research output: Contribution to journalConference articlepeer-review

61 Citations (Scopus)


Lots of revocable group signature schemes have been proposed so far. In one type of revocable schemes, signing and/or verifying algorithms have O(N)or O(R) complexity, where N is the group size and R is the number of revoked members. On the other hand, in Camenisch- Lysyanskaya scheme and the followers, signing and verifying algorithms have O(1) complexity. However, before signing, updates of the secret key are required. The complexity is O(R) in the worst case. In this paper, we propose a revocable scheme with signing and verifying of O(1) complexity, where no updates of secret key are required. The compensation is the long public key of O(N). In addition, we extend it to the scheme with 0(v'A)-size public key, where signing and verifying have constant extra costs.

Original languageEnglish
Pages (from-to)463-480
Number of pages18
JournalLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Publication statusPublished - 2009
Event12th International Conference on Practice and Theory in Public Key Cryptography, PKC 2009 - Irvine, CA, United States
Duration: Mar 18 2009Mar 20 2009

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Computer Science(all)

Fingerprint Dive into the research topics of 'Revocable group signature schemes with constant costs for signing and verifying'. Together they form a unique fingerprint.

Cite this