Group signatures allow users to sign messages on behalf of a group without revealing authority is capable of identifying the user who generated it. However, the exposure of the user's signing key will severely damage the group signature scheme. In order to reduce the loss caused by signing key leakage, Song proposed the first forward-secure group signature. If a group signing key is revealed at the current time period, the previous signing key will not be affected. This means that the attacker cannot forge group signatures regarding messages signed in the past. To resist quantum attacks, many ...
