Security analysis of blind signatures and group signatures
Abstract
We present the latest formal security definitions for blind signature schemes and for group signature schemes. We start by introducing theory about algorithms, probability distributions, distinguishers, protocol attacks and experiments, which is needed to understand the definitions. In the case of blind signatures, we define blindness and non-forgeability, and we present the blind Schnorr and Okamoto-Schnorr signature schemes and prove that the latter is secure. For group signatures, we define full-anonymity and full-non-forgeability (full-traceability). In the end, we sketch a secure general group signature scheme presented by Bellare, Micciancio and Warinschi.