Tech Report CS-04-17
Aggregate Group Signature and Anonymous Delegation
Danfeng Yao and Roberto Tamassia
Group signatures are an effective solution for protecting the privacy of signers. When used in role-based delegation, they allow anonymous delegations by role members on behalf of a role. To make role-based delegation using group signatures efficient in a decentralized trust environment, we propose a group signature scheme that supports aggregation. Multiple group signatures can be aggregated into one compact signature of constant length. Our scheme is based on the ID-based group signature scheme by Chen, Zhang, and Kim and the aggregate signature scheme by Boneh, Gentry, Lynn, and Shacham, and uses bilinear maps in gap Diffie-Hellman groups. Aggregate group signatures are suitable for financial applications where a large number of signatures are generated and the role (or group) membership of a signer is needed for verification. We show how aggregate group signatures can be used to implement an anonymous role-based cascaded delegation (RBCD) protocol that protects sensitive role-membership information of delegators. This protocol also yields a proxy signature scheme for groups.