PRIVACY PRESERVATION FOR TRANSACTION INITIATORS: STRONGER KEY IMAGE RING SIGNATURE AND SMART CONTRACT-BASED FRAMEWORK

Recently, blockchain technology has garnered support. However, an attenuating factor to its global adoption in certain use cases is privacy-preservation owing to its inherent transparency. A widely explored cryptographic option to address this challenge has been ring signature which aside its privacy guarantee must be double spending resistant. In this paper, we identify and prove a catastrophic flaw for double-spending attack in a Lightweight Ring Signature scheme and proceed to construct a new, fortified commitment scheme using the signer’s entire private key. Subsequently, we compute a stronger key image to yield a double-spending-resistant signature scheme solidly backed by formal proof. Inherent in our solution is a novel, zero-knowledge-based, secured and cost-effective smart contract for public key aggregation. We test our solution on a private blockchain as well as Kovan testnet along with performance analysis attesting to efficiency and usability and make the code publicly available on GitHub

Constant Size Traceable Ring Signature Scheme without Random Oracles

Currently several traceable (or linkable) identity-based ring signature schemes have been proposed. However, most of them are constructed in the random oracle model. In this paper, we present a fully traceable ring signature (TRS) scheme without random oracles, which has the constant size signature and a security reduction to the computational Diffie-Hellman (CDH) assumption. Also, we give a formal security model for traceable ring signature and prove that the proposed scheme has the properties of traceability and anonymity

One-time and Revocable Ring Signature with Logarithmic Size in Blockchain

Ring signature (RS) allows users to demonstrate to verifiers their membership within a specified group (ring) without disclosing their identities. Based on this, RS can be used as a privacy protection technology for users\u27 identities in blockchain. However, there is currently a lack of RS schemes that are fully applicable to the blockchain applications: Firstly, users can only spend a UTXO once, and the current RS schemes are not yet perfect in a one-time manner. At the same time, the current RS schemes are not sufficiently developed in terms of regulation. Secondly, the size of the current RS is mostly linearly related to the number of ring members. When there are many members, the transaction processing speed is slow. We propose a one-time and revocable ring signature with logarithmic size in blockchain based on the Sigma-Protocols. Our scheme compresses the RS size and enables users to sign in the blockchain transactions. The scheme allows two RS generated with the same private key for a same UTXO to be linked together. Additionally, it allows regulatory authority to recover the signer\u27s identity at any time. A security model was presented, and its security properties, namely, unforgeability, anonymity, one-time, revocability, and non-slanderability were proven in the random oracle model. Our scheme compresses the RS size to where is the number of ring users, enabling blockchain transactions to have better processing speeds. And it can prevent double-spending attacks in blockchain and allows regulatory authority to recover the identity of the signer

Reusable mesh signature scheme for protecting identity privacy of IoT devices

Peer reviewedPublisher PD

PPAA: Peer-to-Peer Anonymous Authentication (Extended Version)

In the pursuit of authentication schemes that balance user privacy and accountability, numerous anonymous credential systems have been constructed. However, existing systems assume a client-server architecture in which only the clients, but not the servers, care about their privacy. In peer-to-peer (P2P) systems where both clients and servers are peer users with privacy concerns, no existing system correctly strikes that balance between privacy and accountability. In this paper, we provide this missing piece: a credential system in which peers are {\em pseudonymous} to one another (that is, two who interact more than once can recognize each other via pseudonyms) but are otherwise anonymous and unlinkable across different peers. Such a credential system finds applications in, e.g., Vehicular Ad-hoc Networks (VANets) and P2P networks. We formalize the security requirements of our proposed credential system, provide a construction for it, and prove the security of our construction. Our solution is efficient: its complexities are independent of the number of users in the system

Raptor: A Practical Lattice-Based (Linkable) Ring Signature

We present Raptor, the first practical lattice-based (linkable) ring signature scheme with implementation. Raptor is as fast as classical solutions; while the size of the signature is roughly $1.3$ KB per user. Prior to our work, all existing lattice-based solutions are analogues of their discrete-log or pairing-based counterparts. We develop a generic construction of (linkable) ring signatures based on the well-known generic construction from Rivest et al., which is not fully compatible with lattices. We show that our generic construction is provably secure in random oracle model. We also give instantiations from both standard lattice, as a proof of concept, and NTRU lattice, as an efficient instantiation. We showed that the latter construction, called Raptor, is almost as efficient as the classical RST ring signatures and thus may be of practical interest

Ring Group Signatures

In many applications of group signatures, not only a signer\u27s identity but also which group the signer belongs to is sensitive information regarding signer privacy. In this paper, we study these applications and combine a group signature with a ring signature to create a ring group signature, which specifies a set of possible groups without revealing which member of which group produced the signature. The main contributions of this paper are a formal definition of a ring group signature scheme and its security model, a generic construction and a concrete example of such a scheme. Both the construction and concrete scheme are provably secure if the underlying group signature and ring signature schemes are secure

Traceable Identity-Based Group Signature

Group signature is a useful cryptographic primitive, which makes every group member sign messages on behalf of a group they belong to. Namely group signature allows that group member anonymously signs any message without revealing his/her specific identity. However, group signature may make the signers abuse their signing rights if there are no measures of keeping them from abusing signing rights in the group signature schemes. So, group manager must be able to trace (or reveal) the identity of the signer by the signature when the result of the signature needs to be arbitrated, and some revoked group members must fully lose their capability of signing a message on behalf of the group they belong to. A practical model meeting the requirement is verifier-local revocation, which supports the revocation of group member. In this model, the verifiers receive the group member revocation messages from the trusted authority when the relevant signatures need to be verified. With the rapid development of identity-based cryptography, several identity-based group signature (IBGS) schemes have been proposed. Compared with group signature based on public key cryptography, IBGS can simplify key management and be used for more applications. Although some identity-based group signature schemes have been proposed, few identity-based group signature schemes are constructed in the standard model and focus on the traceability of signature. In this paper, we present a fully traceable (and verifier-local revocation) identity-based group signature (TIBGS) scheme, which has a security reduction to the computational Diffie–Hellman (CDH) assumption. Also, we give a formal security model for traceable identity-based group signature and prove that the proposed scheme has the properties of traceability and anonymity

RingCT 2.0: A Compact Accumulator-Based (Linkable Ring Signature) Protocol for Blockchain Cryptocurrency Monero

In this work, we initially study the necessary properties and security requirements of Ring Confidential Transaction (RingCT) protocol deployed in the popular anonymous cryptocurrency Monero. Firstly, we formalize the syntax of RingCT protocol and present several formal security definitions according to its application in Monero. Based on our observations on the underlying (linkable) ring signature and commitment schemes, we then put forward a new efficient RingCT protocol (RingCT 2.0), which is built upon the well-known Pedersen commitment, accumulator with one-way domain and signature of knowledge (which altogether perform the functions of a linkable ring signature). Besides, we show that it satisfies the security requirements if the underlying building blocks are secure in the random oracle model. In comparison with the original RingCT protocol, our RingCT 2.0 protocol presents a significant space saving, namely, the transaction size is independent of the number of groups of input accounts included in the generalized ring while the original RingCT suffers a linear growth with the number of groups, which would allow each block to process more transactions