Description.

The group manager uses the ``Superimposed coding'' to transform the set of all personal keys of each revoked member into the $m$-bit string $B$. Then he signs the latter value. A smart card is going to receive this signed bit-string, then treats it so as to verify the signature and to learn if its holder is revoked or not.
According to the size of the group and more particularly to the number of revoked members, the size of the result bit-string and the number of packets will vary in order to obtain good trade-offs (negligible error probability and $m$ of reasonable size). For example, for $q=8$ and $k=10000$ (i.e. at most 10000 revoked members), the error probability is $2.3\times 10^{-5}$ for a result bit-string of size $2^{18}$ (i.e. 32 Kbytes).