Abstract:Group signature schemes allow a group member to anonymously sign on group’s behalf. Moreover, in case of anonymity misuse.a group manager can recover the issuer of a signature. This paper analyzes the security of two group signature schemes recently proposed respectively by Posescu (2000) and Wang Xiaoming (2003), and shows that both schemes are universally forgeable, that is, anyone (not necessarily a group member) is able to produce a valid group signature on an arbitrary message, which cannot be traced by the group manager. So both schemes are insecure.