A multisignature scheme for the general access structure

A multisignature scheme for the general access structure is proposed. This scheme allows the signers of an authorized subset to cooperate to generate a valid group signature, and it is impossible for those of an unauthorized subset to generate a group signature. Its computational complexity is comparatively low. The security of the scheme is based on the intractability of the discrete log problem. Both the validity of the partial signature of a signer and that of the group signature of an authorized subset can be verified, and the suspected forgery and forgers can be detected.