### Abstract

Lots of revocable group signature schemes have been proposed so far. In one type of revocable schemes, signing and/or verifying algorithms have O(N)or O(R) complexity, where N is the group size and R is the number of revoked members. On the other hand, in Camenisch- Lysyanskaya scheme and the followers, signing and verifying algorithms have O(1) complexity. However, before signing, updates of the secret key are required. The complexity is O(R) in the worst case. In this paper, we propose a revocable scheme with signing and verifying of O(1) complexity, where no updates of secret key are required. The compensation is the long public key of O(N). In addition, we extend it to the scheme with 0(v'A)-size public key, where signing and verifying have constant extra costs.

Original language | English |
---|---|

Pages (from-to) | 463-480 |

Number of pages | 18 |

Journal | Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) |

Volume | 5443 |

DOIs | |

Publication status | Published - Jun 18 2009 |

Event | 12th International Conference on Practice and Theory in Public Key Cryptography, PKC 2009 - Irvine, CA, United States Duration: Mar 18 2009 → Mar 20 2009 |

### Fingerprint

### ASJC Scopus subject areas

- Theoretical Computer Science
- Computer Science(all)

### Cite this

*Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)*,

*5443*, 463-480. https://doi.org/10.1007/978-3-642-00468-1_26