Security Flaws in Several Group Signatures Proposed by Popescu. Cryptology ePrint archive, report 2003/207

Abstract

Abstract. In resent years, Popescu proposed several group signature schemes based on the Okamoto-Shiraishi assumption in [8–11], and claimed his schemes are secure. However, this paper demonstrates that these schemes are all insecure by identifying some security flaws. Exploiting these flaws, an attacker without any secret can mount universally forging attacks. That is, anybody (not necessarily a group member) can forge valid group signatures on arbitrary messages of his/her choice