Friday, February 27, 2015

On group digital signatures....

So there is this thing that I've been trying to figure out: what is the difference between a group signature and a normal signature? To give you a bit of context, let me give a brief intro to digital signatures. I promise, no equations till they're absolutely needed.

Encryption : 

Encryption is a technique we use to ensure many aspects of information security. Mainly, it is used to ensure the 'confidentiality' of a message, which means that the message can be read by the intended party and by the intended party alone. However, there are many snoopy, malicious 'Eve's around who will jump at any chance to sneak a peek at somebody else's affairs.

Integrity and Authenticity : 

Apart from confidentiality, these two properties are of vital importance in a message. Suppose there is some person who, whilst not being able to see what is in the card you're sending to your mother, secretly attaches a confession of chronic drug abuse to it. How does your mother know whether the message is from you, or whether somebody else altered it?

Signing It : 

Of course, your mother would know your signature, so it's a simple matter of signing at the end of your letter to show that it's from you and that no one has altered it. I'll add two slight modifications and assumptions: your signature is unforgeable (your mother will immediately notice any tampering), and you include the number of words in your message, along with the date, in your signature, so that she can make sure that you actually signed the said message and nothing else.

Digital Signatures : 

The principle of digital signatures is not unlike this scenario. Assuming that confidentiality is already taken care of, to ensure the authenticity and integrity of a message, we do the same thing as with your letter to your mother.


  1. Integrity : To ensure that your message has not been altered or tampered with, you use a cryptographically secure hash function. Its input is your message, and its output is another, shorter value, for which it is quite improbable that two messages will have the same value. You take the hash of your message and send it along. When somebody gets the message, they can compute the hash of the message themselves and check that it is the same as the value they received. A match shows that the message is intact. This is much like the number of words at the bottom of the letter (which, I must admit, is a horrible hash function).
  2. Authenticity : Now, you must put your own signature under the document. The way you sign this document is to sign the hash value itself. This way, assuming that the message is already confidential, the receiver will know, given that they can identify your signature, that: a) YOU signed that message and b) you signed THAT message.

Public Key Signatures :

A pretty straightforward way to implement this is to use your 'private key' to encrypt the hash. When the receiver gets your message, they can decrypt the signature using your 'public key', which is the reverse of how we typically use the two keys, and carry on with the verification process.
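The hash-then-sign flow described above, as an added example that is not part of the original post: it uses textbook RSA with no padding and constructed toy keys, so it shows the mechanics only (deployed signatures use a padded scheme such as RSA-PSS, or a different algorithm such as Ed25519). The names `make_key`, `digest`, `sign`, `verify` and `demo`, the sample letter and the keys are all assumptions made for illustration.

```python
import hashlib

E = 65537  # common public exponent

def make_key(p: int, q: int):
    """Return (public, private) textbook-RSA keys from two primes."""
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))  # private exponent (Python 3.8+)
    return (n, E), (n, d)

def digest(message: bytes) -> int:
    """Integrity step: SHA-256 of the message, as an integer."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

def sign(message: bytes, private) -> int:
    """Authenticity step: 'encrypt' the hash with the private key."""
    n, d = private
    return pow(digest(message), d, n)

def verify(message: bytes, signature: int, public) -> bool:
    """'Decrypt' the signature with the public key, compare with a fresh hash."""
    n, e = public
    return pow(signature, e, n) == digest(message)

# Constructed toy keys built from well-known Mersenne primes: trivially
# factorable, so they show the mechanics only and protect nothing.
YOUR_PUB, YOUR_PRIV = make_key(2**521 - 1, 2**607 - 1)
EVE_PUB, EVE_PRIV = make_key(2**1279 - 1, 2**2203 - 1)

# Constructed sample messages.
LETTER = b"Dear Mum, all is well. See you at the weekend."
TAMPERED = LETTER + b" P.S. I have a confession to make."

def demo():
    """Check one genuine letter and two altered ones against YOUR public key."""
    sig = sign(LETTER, YOUR_PRIV)
    return {
        "intact letter": verify(LETTER, sig, YOUR_PUB),
        "tampered letter": verify(TAMPERED, sig, YOUR_PUB),
        "signed by Eve": verify(TAMPERED, sign(TAMPERED, EVE_PRIV), YOUR_PUB),
    }

if __name__ == "__main__":
    for case, ok in demo().items():
        print(f"{case}: {'accepted' if ok else 'rejected'}")
```

The tampered letter fails because its fresh hash no longer matches the signed one, and Eve's letter fails because her signature does not decrypt correctly under your public key.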

Why Group Signatures :

As the saying goes, necessity is the mother of invention. Group signatures were introduced to meet a very basic need: protecting the signer's privacy against potential verifiers. It's like you're signing a petition against the chief of police of your area, a corrupt prick, and the local legislative officials are capable of verifying that the signature actually belongs to a real person. The chief of police is convinced if the legislative officer says so; however, the chief cannot know 'who' actually signed it (because you know... white vans and stuff...).

So this local legislative officer acts as a group manager, and the group being managed is what we may call the jurisdictional area of the police station. All residents in this area can sign the petition, and the legislative person can verify whether a signature is genuine. However, in some special cases, such as attempted forgery or tampering with message content, the legislative officer is capable of revoking this 'anonymity'. The basic idea is that "the identity of the signer doesn't leak to the potential verifiers through the publicly available verification scheme".

I'll sum up WHY this is called a 'group signature scheme' in one sentence: because it's easier for a group manager to manage the signature verification of a specifically defined group than to manage a set of global signatures. After all, your village or town officials may not be able to verify the signatures of all the people in the whole wide world.

Feel free to leave any comments, or request clarifications. This is a quick note, so hope it's clear enough...