Abstract: When an entrustor entrusts an outsourcer with the supply of a service for members, member information managed by the entrustor is kept secret from the outsourcer, and users can receive the service without communicating with the entrustor. For using the service, user apparatus 3 sends group signature data to outsourcer apparatus 2. Outsourcer apparatus 2 authenticates the group signature data using public information of entrustor apparatus 1. When the group signature data passes the authentication, confirming that user apparatus 3 is a member of entrustor apparatus 1, outsourcer apparatus 2 provides the service to user apparatus 3.

Abstract: A signature device 2 creates encrypted data by encrypting a first element of a member certificate through use of a first random number and public information disclosed by said group management device 1. The signature device 2 also creates first and second converted data by converting the first element through use of a random number and public information. The signature device 2 further creates knowledge signature data from which information concerning the first element, the second element, and the signature key will not be divulged, and outputs a group signature which contains the knowledge signature data together with a message. A verification device 3 verifies whether a group signature has been created by using a member certificate of one of the registered members in the group and a signature key, based on the message, the group signature, and the public information.

Abstract: For group signature data capable of keeping anonymity, it is possible to efficiently determine whether the user having created the group signature data is a valid member of the group. When a message and group signature data are received, the verification unit 3 authenticates the data and inquires, of the member status response unit 4, whether the user of the signature unit 2 having created the group signature data is a valid member of the group. In response to the inquiry, the response unit 4 determines the member status of the user having created the group signature data, according to a member revocation list notified from the group management unit 1. The response unit 4 then transmits a judge result of the member status to the verification unit 3.