一個具層級性的動態群體簽章系統

Abstract

群體簽章的概念，是指在一個群體中，任何一個成員皆可匿名地代表此群體作簽章的動作。當遇到有爭議之時，才由系統指定的群體管理者來解開(open)簽章，公佈簽章者的身份。對群體管理者之外的人而言，此種簽章除了滿足原本簽章該有的安全性外，還須達到匿名性的要求。 本篇論文是基於[15]的群體簽章架構，加上層級性的構想：即處在較高層級的群體管理者，除了可打開該群體的群體簽章外，還可打開此群體之下所轄群體的群體簽章。另外，也加入了群體成員加入時可給定合法時限的作法，以減輕[15]中憑證廢止列表的負擔。

The concept of “group signature” means that, in a group, any member can sign on behalf of the group anonymously. While there is a dispute, a group manager assigned by the system will “open” the signature and make the signer public. For any one except the group manager, this kind of signatures satisfies not only the security properties but also “anonymity”. This thesis is based on the construction of group signature in [15], and adds the idea of “Hierarchy”. A manager of a higher group, can open not only the group signatures of this group, but also the group signatures of lower affiliated groups. Additionally, we also add the method of assigning valid time-bound when a user joins the group, in order to reduce the loads of the certificate revocation lists in [15].