4 research outputs found
A suite of non-pairing ID-based threshold ring signature schemes with different levels of anonymity (extended abstract)
Since the introduction of Identity-based (ID-based) cryptography by Shamir in 1984, numerous ID-based signature schemes have been proposed. In 2001, Rivest et al. introduced ring signature that provides irrevocable signer anonymity and spontaneous group formation. In recent years, ID-based ring signature schemes have been proposed and almost all of them are based on bilinear pairings. In this paper, we propose the first ID-based threshold ring signature scheme that is not based on bilinear pairings. We also propose the first ID-based threshold ‘linkable’ ring signature scheme. We emphasize that the anonymity of the actual signers is maintained even against the private key generator (PKG) of the ID-based system. Finally we show how to add identity escrow to the two schemes. Due to the different levels of signer anonymity they support, the schemes proposed in this paper actually form a suite of ID-based threshold ring signature schemes which is applicable to many real-world applications with varied anonymity requirements
A -out-of- Ring Signature with Flexible Participation for Signers
A -out-of- ring signature is a kind of anonymous signature that
can be performed by any member in a group.
This signature allows the creation of valid signatures if and only if
actual signers more than or equal to sign the message among
possible signers.
In this paper, we present a new -out-of- ring signature.
Our signature has a remarkable property: When the signature is
updated from -out-of- to -out-of-, the previous
signers do not need to sign a message again.
Our scheme can ``reuse\u27\u27 the old signature, whereas the previous schemes
revoke it and create a signature from scratch.
We call this property ``{{flexibility}}\u27\u27 and formalize it rigorously.
Our signature scheme has a multiple ring structure, each ring of which
is based on -out-of- ring signature. The structure of our scheme
is completely different from that of conventional schemes, such as a
secret-sharing type. The signers\u27 keys are mostly independent of each
user, thanks to a part of keys which use a special hash function.
We give the results of provable security for our scheme
Raptor: A Practical Lattice-Based (Linkable) Ring Signature
We present Raptor, the first practical lattice-based
(linkable) ring signature scheme with implementation.
Raptor is
as fast as classical solutions; while the size
of the signature is roughly KB per user.
Prior to our work, all existing lattice-based solutions are analogues of their discrete-log
or pairing-based
counterparts.
We develop a generic construction of (linkable) ring signatures based on the well-known generic construction from Rivest et al., which is not fully compatible with lattices. We show that our generic construction is provably secure in random oracle model.
We also give instantiations from both standard lattice,
as a proof of concept,
and NTRU lattice, as an efficient instantiation. We showed that the latter construction, called Raptor, is almost as efficient as the classical RST ring signatures and thus may be of practical interest