Group Signatures

In this paper we present a new type of signature for a group of persons, called a group signature, which has the following properties: only members of the group can sign messages;the receiver can verify that it is a valid group signature, but cannot discover which group member made it;if necessary, the signature can be “opened”, so that the person who signed the message is revealed. These group signatures are a “generalization” of the credential/membership authentication schemes, in which one person proves that he belongs to a certain group.We present four schemes that satisfy the properties above. Not all these schemes are based on the same cryptographic assumption. In some of the schemes a trusted centre is only needed during the setup; and in other schemes, each person can create the group he belongs to.