GROUP SIGNATURE SYSTEM, METHOD, DEVICE, AND PROGRAM
Abstract
A signature device 2 creates encrypted data by encrypting a first element of a member certificate through use of a first random number and public information disclosed by a group management device 1. The signature device 2 also creates first and second converted data by converting the first element through use of a random number and public information. The signature device 2 further creates knowledge signature data from which information concerning the first element, the second element, and the signature key will not be divulged, and outputs a group signature which contains the knowledge signature data together with a message. A verification device 3 verifies whether a group signature has been created by using a member certificate of one of the registered members in the group and a signature key, based on the message, the group signature, and the public information.
12 Claims
1. A group signature system which creates a group signature to prove that the signer is really a member registered in the group and which confirms whether or not said signer of said group signature thus created is really a member of said group, comprising:
a group management device which discloses public information for common use throughout the system, in a referenceable manner from other devices,
a signature device which creates, from a member certificate containing a first element and a second element, encrypted data by encrypting said first element through use of a first random number and said public information disclosed by said group management device;
creates first converted data by converting said first element through use of a second random number and said public information;
creates second converted data by converting the first element through use of a third random number and the public information;
creates knowledge signature data from a message to which a signature will be added, a fourth random number, said encrypted data, said first converted data, said second converted data, a signature key which is a private key to be used for the creation of a signature, said first element, and said second element; and
outputs as a group signature said encrypted data, said first converted data, said second converted data, and said knowledge signature data, together with said message; and
a verification device that verifies whether said group signature has duly been created by using the first and second elements contained in the member certificate of one of the registered members in said group and said signature key, based on said message and said group signature outputted from said signature device and said public information disclosed by said group management device.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9.
10. A group signature method for a group signature system having a group management device, a signature device and a verification device, which creates a group signature to prove that the signer is really a member registered in the group and which confirms whether or not said signer of said group signature thus created is really a member of said group, comprising the steps of:
said group management device disclosing public information for common use throughout the system, in a referenceable manner from other devices;
said signature device storing a member certificate consisting of a first element and a second element,
creating encrypted data by encrypting said first element using a first random number and said public information disclosed by said group management device,
creating first converted data by converting said first element using a second random number and said public information,
creating second converted data by converting said first element using a third random number and said public information;
creating knowledge signature data from a message to which a signature will be added, a fourth random number, said encrypted data, said first converted data, said second converted data, a signature key which is a private key to be used for the creation of a signature, said first element, and said second element, in such a manner that it can be proved that said encrypted data, said first converted data, and said second converted data have been created from the same value and that information concerning said first element, said second element, and said signature key will not be divulged, and
outputting as a group signature said encrypted data, said first converted data, said second converted data, and said knowledge signature data, together with said message, and
said verification device verifying whether or not said group signature has been created by using the first and second elements contained in the member certificate of one of the registered members in said group and said signature key, based on said message and said group signature outputted from said signature device and said public information disclosed by said group management device without using the information concerning said first and second elements and said signature key.
11. A group signature device which forms a group signature system together with a group management device that discloses public information for common use throughout the system in a referenceable manner from other devices and a verification device that confirms whether or not the signer of a group signature is a member registered in said group, and which creates a group signature that can prove that said signer is a member registered in said group, comprising:
a member information storage means which stores a member certificate consisting of a first element and a second element,
an encrypted data creation means which creates encrypted data by encrypting said first element using a first random number and said public information disclosed by said group management device,
a first converted data creation means which creates first converted data by converting said first element using a second random number and said public information,
a second converted data creation means which creates second converted data by converting said first element using a third random number and said public information,
a knowledge signature creation means which creates knowledge signature data from a message to which a signature will be added, a fourth random number, said encrypted data, said first converted data, said second converted data, a signature key which is a private key to be used for the creation of a signature, said first element, and said second element, in such a manner that it can be proved that said encrypted data, said first converted data, and said second converted data have been created from the same value and that information concerning said first element, said second element, and said signature key will not be divulged, and
a signature output means which outputs as a group signature said encrypted data, said first converted data, said second converted data, and said knowledge signature data, together with said message.
12. A group signature program to be run on a computer to make the computer operate as a group signature device, which forms a group signature system together with a group management device that discloses public information for common use throughout the system in a referenceable manner from other devices and a verification device that confirms whether or not the signer of a group signature is a member registered in said group, in order to create a group signature that can prove that said signer is a member registered in said group, comprising the processes of:
a member information storage means storing a member certificate consisting of a first element and a second element;
an encrypted data creation means creating encrypted data by encrypting said first element using a first random number and said public information disclosed by said group management device;
a first converted data creation means creating first converted data by converting said first element using a second random number and said public information;
a second converted data creation means creating second converted data by converting said first element using a third random number and said public information; and
a knowledge signature creation means creating knowledge signature data from a message to which a signature will be added, a fourth random number, said encrypted data, said first converted data, said second converted data, a signature key which is a private key to be used for the creation of a signature, said first element, and said second element, in such a manner that it can be proved that said encrypted data, said first converted data, and said second converted data have been created from the same value and that information concerning said first element, said second element, and said signature key will not be divulged; and
a signature output means outputting as a group signature said encrypted data, said first converted data, said second converted data, and said knowledge signature data, together with said message.
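The requirement in claims 10 to 12 that the encrypted data and both converted data can be proved to come "from the same value" without divulging it can be illustrated with a Fiat-Shamir sigma protocol. This is an added example, not code from the patent: it assumes lifted ElGamal for the encrypted data, Pedersen-style commitments for the two converted data, a toy group, and hypothetical function names, and it leaves out the certificate's second element and the signature key.

```python
import hashlib
import secrets

# Toy parameters (constructed for illustration, NOT secure): the multiplicative
# group modulo the Mersenne prime 2^127 - 1, with exponents taken mod P - 1.
P = 2**127 - 1
N = P - 1
G, H = 3, 5          # assumed independent bases, part of the public information

def rand():
    return secrets.randbelow(N)

def challenge(msg, *elems):
    """Fiat-Shamir challenge binding the message to every public value."""
    data = msg + b"|" + b"|".join(str(e).encode() for e in elems)
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N

def sign(msg, a, y):
    """Encrypt g^a, commit to a twice, and prove all three share the same a."""
    r1, r2, r3 = rand(), rand(), rand()
    e1, e2 = pow(G, r1, P), pow(G, a, P) * pow(y, r1, P) % P  # encrypted data
    c1 = pow(G, a, P) * pow(H, r2, P) % P                     # first converted data
    c2 = pow(H, a, P) * pow(G, r3, P) % P                     # second converted data
    # Proof nonces: the claim's single "fourth random number" is a tuple here.
    ka, k1, k2, k3 = rand(), rand(), rand(), rand()
    t = (pow(G, k1, P), pow(G, ka, P) * pow(y, k1, P) % P,
         pow(G, ka, P) * pow(H, k2, P) % P, pow(H, ka, P) * pow(G, k3, P) % P)
    c = challenge(msg, y, e1, e2, c1, c2, *t)
    s = tuple((k + c * w) % N for k, w in ((ka, a), (k1, r1), (k2, r2), (k3, r3)))
    return {"enc": (e1, e2), "c1": c1, "c2": c2, "proof": (c, s)}

def verify(msg, sig, y):
    """Rebuild the prover's commitments from the responses and recheck the hash."""
    (e1, e2), c1, c2 = sig["enc"], sig["c1"], sig["c2"]
    c, (sa, s1, s2, s3) = sig["proof"]
    def inv(v):                      # v^(-c), using v^(P-1) = 1 mod P
        return pow(v, N - c, P)
    t = (pow(G, s1, P) * inv(e1) % P,
         pow(G, sa, P) * pow(y, s1, P) * inv(e2) % P,
         pow(G, sa, P) * pow(H, s2, P) * inv(c1) % P,
         pow(H, sa, P) * pow(G, s3, P) * inv(c2) % P)
    return c == challenge(msg, y, e1, e2, c1, c2, *t)

def open_signature(sig, opener_key):
    """The opener decrypts the ciphertext to g^a, which identifies the member."""
    e1, e2 = sig["enc"]
    return e2 * pow(e1, N - opener_key, P) % P
```

The single response `sa` is reused in three of the four verification equations, which is what ties the ciphertext and both commitments to one hidden value; a verifier never sees `a` or the randomizers.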
Specification