Next: Group Key Distribution. Up: First Approach Previous: First Approach

General Principle.

Our approach consists in generating an additional signature computed with a group-shared private key $SK_{G}$; we denote by $PK_{G}$ the associated public key. $SK_{G}$ is communicated by the group manager to each non-revoked member by means of a group key distribution scheme (for example [16]). As a consequence, the revocation problem is reduced to a group key distribution problem, for which solutions already exist. Moreover, in our case these solutions turn out to be easier to use.
When a new member wants to join the group, the group manager securely sends him, among other elements, the group-shared key $SK_{G}$. When a member is revoked, the group manager runs a member revocation mechanism, which implies renewing the group-shared key. It is impossible for the revoked member to learn anything about the new shared key, and consequently he cannot sign anymore. The group manager has to publish data that make it possible for the other members to obtain the new key.
After that, if a member wants to sign a message $M$ on behalf of the group (see Figure 2), he computes his group signature as usual (using [1], [6] or the solution described in section 3, for example) to obtain a pair $(M,S_{G})$, which he then signs by means of $SK_{G}$. The receiver can then verify this latter signature with $PK_{G}$, and verify the value $S_{G}$ as the signature of a group member on $M$.

Figure 2: First Approach - Signature Protocol
$M$ = Message
$M'$ = Concatenation of $M$ and $S_{G}$
$K_{G}$ = Group (private/secret) key(s)
$SK_{G}$ = Group-shared signature private key
$GSA$ = Group signature algorithm
$SA$ = Signature algorithm
$S_{G}$ = M's group signature
$S$ = Signature of the message
$\Vert$ = Concatenation algorithm
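The signing and verification steps described above and in Figure 2, as an added example that is not from the paper: both $SA$ and the group signature algorithm $GSA$ are stood in for by a toy hash-then-RSA over Mersenne primes (a real $GSA$ such as [1] or [6] is anonymous, this stand-in is not), the names `keygen`, `concat`, `group_sign`, `group_verify` and `revocation_demo` are hypothetical helpers, and the last function shows why a signature made with the old $SK_{G}$ is rejected once the manager has renewed the group-shared key.

```python
import hashlib

# Toy SA: hash-then-textbook-RSA over products of Mersenne primes, constructed for
# illustration only (trivially factorable moduli, no padding): not a secure scheme.
MERSENNE_EXPONENTS = (31, 61, 89, 107, 127, 521)

def keygen(i, j, e=65537):  # (private, public) pair from the i-th and j-th toy primes
    p, q = (1 << MERSENNE_EXPONENTS[i]) - 1, (1 << MERSENNE_EXPONENTS[j]) - 1
    n = p * q
    return (pow(e, -1, (p - 1) * (q - 1)), n), (e, n)

def h(data: bytes) -> int:
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def sa_sign(sk, msg: bytes) -> int:
    d, n = sk
    return pow(h(msg) % n, d, n)

def sa_verify(pk, msg: bytes, sig: int) -> bool:
    e, n = pk
    return 0 < sig < n and pow(sig, e, n) == h(msg) % n

def concat(m: bytes, s_g: int) -> bytes:  # M' = M || S_G, length-prefixed so the split is unambiguous
    return len(m).to_bytes(4, "big") + m + s_g.to_bytes(32, "big")

def group_sign(member_sk, sk_g, m: bytes):
    """Member side: S_G = GSA(K_G, M), then S = SA(SK_G, M || S_G)."""
    s_g = sa_sign(member_sk, m)        # GSA stand-in (a real scheme would be anonymous)
    s = sa_sign(sk_g, concat(m, s_g))  # proves possession of the current group-shared key
    return s_g, s

def group_verify(gsa_pk, pk_g, m: bytes, s_g: int, s: int) -> bool:
    """Receiver side: check S under PK_G, then S_G as a group signature on M."""
    if not sa_verify(pk_g, concat(m, s_g), s):
        return False  # signer did not hold the current SK_G: revoked member or outsider
    return sa_verify(gsa_pk, m, s_g)

def revocation_demo():
    """Returns (accepted before revocation, accepted after SK_G renewal)."""
    member_sk, member_pk = keygen(0, 1)  # member's own key for the GSA stand-in
    sk_g, pk_g = keygen(2, 3)            # group-shared key distributed by the manager
    m = b"message signed on behalf of the group"  # constructed sample input
    s_g, s = group_sign(member_sk, sk_g, m)
    before = group_verify(member_pk, pk_g, m, s_g, s)
    # Renewal: the manager distributes a fresh SK_G and publishes the new PK_G; the
    # revoked member still holds only the old SK_G, so its outer signature fails.
    _, pk_g_new = keygen(4, 5)
    s_g2, s2 = group_sign(member_sk, sk_g, m)
    after = group_verify(member_pk, pk_g_new, m, s_g2, s2)
    return before, after
```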


