Verifiably Encrypted Group Signatures

摘要

Recently, verifiably encrypted signatures (VESs) have been widely used in fair exchange, however most of them do not provide a method to protect the anonymity of the signer, leading to privacy leakage in fair exchange. Verifiably Encrypted Group Signature (VEGS) overcomes drawbacks of VES, which allows a verifier to check its validity without decryption. And VEGS does not reveal the identity of the signer, thus protecting the privacy of the signer. In VEGS systems, a signer generates a group signature with his private key, then encrypts it with the adjudicator's public key and outputs a VEGS. A verifier can check whether a VEGS is valid. The group manager reveals the identity of the VEGS if necessary. The adjudicator can extract the original group signature from the VEGS with his private key. In this paper, we propose the first concrete VEGS scheme according to our model. We define several security properties which are essential to VEGS schemes and we prove that our scheme is secure in the standard model. Additionally, we discuss some relevant issues about our scheme.