Journal of Computer and Communications, 2014, 2, 39-42
Published Online March 2014 in SciRes. http://www.scirp.org/journal/jcc
http://dx.doi.org/10.4236/jcc.2014.24006
How to cite this paper: Yao, J.P., Li, X.S. and Ma, J.C. (2014) A Novel Scheme for Deleting Group Members. Journal of
Computer and Communications, 2, 39-42. http://dx.doi.org/10.4236/jcc.2014.24006
A Novel Scheme for Deleting Group Members
Junping Yao, Xinshe Li, Junchun Ma
Xi’an High-Tech Institute, Xi’an, China
Email: junpingy200225@163.com
Received Novemb er 2013
Abstract
Deleting group members safely and efficiently has been a hot research issue in the field of the
group signature. Some resolutions have been proposed by cryptography experts, but in some way,
problems like loophole and low efficiency have been confusing us in the research. To solve the
problem, the writers try to give a new secret key updating algorithm based on improving Wang
Shangping’s group members deleting scheme, and analyze the safety and efficiency of implemen-
tation systematically in the paper.
Keywords
Group Signature; Secret Feature Key; Public Feature Key; Group Manager
1. Introduction
Group sign ature [1] has drawn much attention in academy of cryptography since it was proposed in 1991; group
signature scheme [2] proposed by Camenisch Stadler in 1997 was an important progress in group signature
analysis. The scheme used knowledge signature concept (especially SKROOTLOG signature and SKLOGLOG
signature). E. Bresson and J. Ste rn proposed a solution scheme of group members deleting problem in 2001 [3],
which was developed from Camenisch Stadler group signature scheme. It must be proved that public key
z
must not be in the list of deleting public keys with zer o-knowledge when signers signed on the message
M
.
The number of evidence in signature grows in a linear way with the growth of number of the deleted objects, so
it is not suitable for large groups. Wang Shangping proposed a new solution to group members deleting problem
in the Camenisch Stadler group signature scheme [4]. When new members join in the group or the existing
memb e rs are deleted from the group, group manager calculates a new group feature key
G
U
and update opera-
tor
U
, then member's secret characteristics key gets updates. The group public key has nothing to do with the
number of group members. Literature [5,6] analyzes the mathematical principle of parameters selection in the
group signature members deleting scheme [4], and it proves that Wang Shangpings scheme cant delete mem-
bers in an actual way but proving process is not given.
Inspired by some research results such as group signature [1, 7], blind signature [8,9], authentication encryp-
tion signature [10,11] and proxy signature, based on Wang Shangpings scheme, by converting secret feature
key update operator public into secret when members are regist ered or deleted, the update process was executed
by group manager instead of group members, a new group member’s deleting scheme is proposed, in which se-
cret feature key of group members will not change with membersdeleting or joining.
J. P. Yao et al.
40
2. A Novel Scheme
2.1. Founda tion
Group manager is just the same as it in Camenisch-S tad le r scheme in system setup phase, the difference is that
we add a RSA public parameter
e
whose module is
n
, and
e
must copr i me with
()
n
φ
. Group public key is
, group manager public key is
:
w
R
yh=
, prime factor of
1
w
and
n
is group
managers secret key.
The process of getting members certificate is completely the same with memb e r s registering in Camenisch
Stadler’s scheme. And we can assume group containing
1m
memb e r s
{ }
12 1
,,
m
GG G
in the initial estab-
lishment. Group public feature key is
12 1
:m
G GGG
Uzzzz
=
, the secret feature key of member Gi is
121 11
1
()
iii m
e
GGGGGG
Uzzzzzz
−+ −
=
, where
i
G
z
is the public key of group member
(1 1)im≤≤ −
, and
R
zG
,
:1k=
.
2.2. Membe rsJoining In
If Alice wants to join the group, she can establish her member certificate first, just as registering in Camenisch
Stadler’s scheme [3]. Set Alice is the
m
-th membe r m
G
. Set group current public feature key
12 1
:m
G GGG
Uzzzz
=
, which
i
G
z
is public key of the group membe r s
(1 1)
im≤≤ −
, and
R
zG
. The group
manager calculates the following value:
1) The new group public feature key and new value of
k
:
12 1
:
mm
GGGG G
Uzzzz z
′′
=
:1kk= +
in which
R
zG
′′
.
2) Group me m b e r s ’ secret feature key update factor:
1
:( )
k
m
Ge
zz
Uz
′′
=
3) The secret feature key of the new member m
G
(Alice):
12 1
1
:( )
k
mm
e
GGG G
Uzzzz
′′
=
4) The secret feature key of other group members:
1
:( )
ii
e
GG
U UU=
while the group manager makes a new group public feature key
G
U
and the new value of
k
public, keeps
update factor
U
secret, and sends a secret key
G
U
to
m
G
(Alice) privately. A new member
m
G
verifies
()
k
mm
e
GG G
U zU=
to judge whether the secret feature key
G
U
sent by group manager is correct. Then, group
manager calculates the secret feature key of other legal members
(1 1)
i
G im≤≤ −
excep t
m
G
, and sends the
secret feature key to group members confidentially, members verifies
() :
k
iI
e
GG G
UzU=
to judge whether the
secret feature key
G
U
sent by group manager is correct.
2.3. Membe rsDelet i ng
Member s deleting is an inverse process of membersjoining in. The following will explain how a group man-
ager deletes the membe r
j
G
. Group manager deletes its public key
j
G
z
which is in group public feature key
G
U
, and changes the random number, then releases the new group public feature key
G
U
and new value of
k
,
and calculates the secret feature key update factor
U
and secret feature key of other group members, thus, we
can generate a valid group signature after deleting
j
G
.
Set current group public feature key as:
12
:
m
G GGG
Uzzz z
=
J. P. Yao et al.
41
in which
R
zG
. In order to delete group memb e r
j
G
, group manager calculates the following value:
1) The new group public feature key and new value of
k
1 11
:
jj m
j
GGG GGG
G
z
UUzz zzz
zz
−+
′′ ′′
= =

in which
R
zG
′′
:1
kk= +
2) The secret feature key update factor of group members
1
:( )
k
Gj
e
z
Uzz
′′
=
3) The secret feature key of
()
i
Gi j
1
:( )
ii
e
GG
U UU=
Group manager makes a new group public feature key
G
U
and new value of
k
public, keeps update factor
U
secret, and sends secret key privately to
()
i
Gi j
. Group member
()
i
Gi j
verifies
() :
k
ii
e
GG G
UzU=
to
judge whether the secret feature key
m
G
U
sent by group manager is correct.
2.4. Signature Process
We can suppose that group has the legal members
1
,,
m
GG
, group public feature key
1,
m
GG GR
U zzzzG
′′ ′′
= ∈
,
group member
(1 )
i
G im≤≤
signs on message
M
on the behalf of the group.
i
G
calculates
1
2
1
2
:( )
:
:[ ,:]()
:[ ,:]()
i
i
k
e
e
rG Rn
r
R
r
G
r re
zhz rz
dy
AUg
B hg
VSKROOTREPzh gM
VSKROOTREPzh gM
αβ
γδ
αβ
γδ
= ∈
=
=
=
= =
= =
3:[ ,:]()
k
e
R
VSKREPdyzh gBh gM
ε εξεε
εξ
==∧=∧ =
The signature that member
i
G
signing on message
M
is
123
(,,,,, , )zd ABVVV
, where the calculating
process of
1
,,z dV
and
2
V
is the same as it is in Camenisch Stad ler’s scheme. We add
A
and
B
, where
A
contains secret feature key
i
G
U
of memb e r
i
G
,
B
is set to verify the correctness of
A
, proving process for
the correctness of
B
is added in
3
V
.
3. Analysis of the Scheme
3.1. Verificating and Opening the Signat ure
When we verify the correctness of the signature, we just need to add verifying the establishment of
k
G
e
UBz
A=
in proving process, because the establishment of
k
G
e
UBz
A=
ensures the legality of signer’s secret feature key
i
G
U
.The opening process is the same as it is in Camenisch Stadlers scheme.
3.2. Security and Efficiency Analysis of the Scheme
1) The calculation method of group public feature key is the same as it is in Wang Shangping’s scheme, but
J. P. Yao et al.
42
the legal memberssecret feature key is calculated by group manager, and then sent to members confidentially.
2) The deleted membe r s cannot obtain the formula to update his secret feature key, even if conspiring with
other members, it is impossible to forge signature that can be admitted.
3) It inher its the fin e features of the Camenisch Stadler’s scheme; furthermore, it can delete group members
effectively.
4) It needs to calculate the new value of k when deleting or adding member, especially when we determine
the formula of new members secret feature key according to the current value of k when adding a new member.
These lower the signature and verification efficiency, but the zero-knowledge proof process is eliminated com-
pared to Bresson-Stern scheme [3]. In other words, the improvement sche me is safe, reliable, and high efficient.
4. Conclusion
The scheme of deleting members proposed by Wang Shangping is proved that it cannot actually delete members.
And for solving this problem, this paper changes secret feature key update factor into confidential in the member
register and deleting process, and the update work for group memberssecret feature key is executed by group
manager instead of members, in this way, an improvement of secret feature key update algorithm is proposed,
and group memberssecret feature key does not change with deleting or adding members.
References
[1] Chaum, D. and Van Heyst, E. (1991) Group Signatures. In: Advances in Cryptology EUROCRYPT’91. LNCS 547,
Springer-Verlag, Berlin, 257-265.
[2] Camenisch, J. and Stadler, M. (1997) Effient Group Signature Schemes for Large Groups. Proceedings of CRYPT’97,
Lecture Notes in Computer Science, Springer-Verlag, Berlin, 410-424.
[3] Bresson, E. and Stern, J. (1999) Efficient Revocation in Group Signature. In: Kim, K., Ed., PKC2001, LNCS1992,
Springer-Verlag, Berlin, 190-206.
[4] Wang, S.P., Wang, Y.M. and Wang, X. (2003) A New Solution Scheme for the Member Deletion Problem in Group
Signature by Use of Renew Operator. Journal of Software, 14, 1911-1917.
[5] Li, X.S. and Hu, Y.P. (2008) Analysis and Improvement for a Group Signature Member Deletion Scheme. Journal of
Xidian University, 35, 478-482.
[6] Huang, Z.J. and Lin, X.Z. (2005) A Group Member Deletion Scheme Cryptanalysis. Journal of Software, 16.
[7] Ateniese, G. and Medeiros, B.D. (2003) Efficient Group Signatures without Trapdoors. In: Advances of ASIACRYPT’03.
LNCS2894, Springer-Verlag, Berlin, 246-268.
[8] Chow, S.S.M. (2009) Blind Signature and Ring Signature Schemes: Rehabilitation and Attack. Computer Standards &
Interfaces, 31, 707-712.
[9] Zhang, J.H., Chen, H. and Qin, G. (2009) Cryptoanalysis of Certificateless Partially Blind Signature and Proxy Blind
Signature Scheme. Proceedings of the 2009 2nd International Congress on Image and Signal Processing (CISP), 5.
[10] Zhao, W., Lin, C. and Ye, D.F. (2009) Provably Secure Convertible Nominative Signature Scheme. Information Secu-
rity and Cryptology 4th International Conference, Revised Selected Papers, 23-40.
[11] Zhang, J.H. and Qin, G. (2008) On the Security of Group Signature Scheme and Designated Verifier Signature Scheme.
2008 International Conference on Networking, Architecture, and Storage (NAS), June 2008, 351-358.