In a group signature scheme, only the user who is identified as a member of a group by a manager can generate a signature text anonymously as the member of the group, and only the manager can specify a signer.
Recently, several group signature schemes have been proposed. As examples of the proposed group signature schemes, there are an RSA-based scheme (see Non-Patent Documents 1 and 6), a pairing-based scheme (see Non-Patent Documents 3, 4, and 7), and a Nyberg-Rueppel-based scheme (see Non-Patent Document 2).
Non-Patent Document 1:G.Ateniese, J. Camenisch, M. joye, and G. Tsudik. A Practical and Provably Secure Coalition-Resistant Group Signature Scheme. In advances in Crytology—CRYPTO 2000, vol.1880 of LNCS, pp.255-270, Springer -Verlag, 2000.
Non-Patent Document 2:Giuseppe Ateniese and Breno de Medeiros. Efficient Group Signatures without Trapdoors. In Advances in Cryptology—ASIACRYPT 2003, vol.2094 of LNCS, pp. 246-268, Springer-Verlag, 2003.
Non-Patent Document 3:Dan Boneh, Xavier Boyen, and Shacham. Short Group Signatures. Advances in Cryptology—CRYPTO 2004, vol.2656 of LNCS, pp. 614-629, Springer-Verlag, 2004.
Non-Patent Document 4:Jan Camenisch, Anna Lysyanskaya. Signature Schemes and Anonymous Credentials from Bilinear Maps. Advances in Cryptology—CRYPTO 2004, vol.2139 of LNCS, pp. 388-407, Springer-Verlag, 2004.
Non-Patent Document 5:Jan Camenisch and Markus Michels. Proving in Zero-Knowledge that a Number is the Product of Two Safe Primes. In Advances in Cryptology—EUROCRYPT'99, vol.1592 of LNCS, pp.107-122, Springer-Verlag, 1999.
Non-Patent Document 6:Aggelos, Kiayias, and Moti Yung. Group Signatures:Provable Secure, Efficient Constructions and Anonymity from Trapdoor Holders. http://eprint.iacr.org/2004/076.ps
Non-Patent Document 7:Lan Nguyen and Rei Safavi-Naini. Efficient and Provably Secure Trapdoor-free Group Signature Schemes from Bilinear Pairings. In Advances in Cryptology—ASIACRYPT 2004, vol.2729 of LNCS, pp. 316-337, Springer-Verlag, 2004.
Non-Patent Document 8:Victor Shoup and Rosario Gennaro. Secureing Threshold Cyptosystems against Chosen Ciphertext Attack. In Advances in Cryptology—EUROCRYPT'98, vol.1403 of Yemph[LNCS], pp.1-16, Springer-Verlag, 2004.
Non-Patent Document 9:Dan Boneh, Xabier Boyen.Short Signatures Without Random Oracles. In Advances in Cryptology—EUROCRYPT 2004 vol 3027 of Yemph[LNCS], pp. 56-73, Springer-Verlag, 2004.
Non-Patent Document 10:Rafael Pass. On Deniability in the Common Reference String and Random Oracle Model. In Advances in Cryptology—CRYPTO 2003, vol.2729 of LNCS, pp. 316-337, Springer-Verlag, 2003.
Non-Patent Document 11:Fabrice Boudot. Efficient Proofs that a Committed Number Lies in an Interval. In EUROCRYPT 2000, LNCS 1807, pp.255-270, Springer-Verlag, 2000.
Non-Patent Document 12:Joe Kilian, and Erez Petrank. Identity Escrow. In CRYPTO'98, LNCS 1462, pp. 169-185, Springer-Verlag, 1998.