Group signature implies public-key encryption with non-interactive opening

In this paper, we show that public-key encryption with non-interactive opening (PKENO) can be constructed from an arbitrary group signature (GS) scheme which is secure in the dynamic group setting and provides opening soundness. Moreover, the resulting PKENO construction is efficient if the underlying GS scheme is efficient and the message space of the PKENO scheme is restricted to short messages. Hence, our result not only shows that the existence of this type of GS implies the existence of PKENO, but also that designing a practical GS scheme is as difficult as designing a practical PKENO scheme. Our transform is constructed by carefully investigating the relationship between the functionalities of GS and that of PKENO, and developing a novel (but specific) multiple encryption technique. This multiple encryption technique plays an important role for simultaneously achieving both practical efficiency and security.