Abstract

We discuss the merits of using group signature technology in Identity Management. We propose a novel model of group signature scheme and introduce a new entity called User-Revocation manager. User-Revocation manager plays an independent role regarding user revocation which was previously covered by either Group manager or Issuing manager. We extend the idea of the Camenisch-Groth scheme and present an efficient revocation scheme where the cost of user revocation is smaller than that of the Camenisch-Groth scheme. We also discuss the details of our implementation.