2,013 research outputs found
ID-based Ring Signature and Proxy Ring Signature Schemes from Bilinear Pairings
In 2001, Rivest et al. firstly introduced the concept of ring signatures. A
ring signature is a simplified group signature without any manager. It protects
the anonymity of a signer. The first scheme proposed by Rivest et al. was based
on RSA cryptosystem and certificate based public key setting. The first ring
signature scheme based on DLP was proposed by Abe, Ohkubo, and Suzuki. Their
scheme is also based on the general certificate-based public key setting too.
In 2002, Zhang and Kim proposed a new ID-based ring signature scheme using
pairings. Later Lin and Wu proposed a more efficient ID-based ring signature
scheme. Both these schemes have some inconsistency in computational aspect.
In this paper we propose a new ID-based ring signature scheme and a proxy
ring signature scheme. Both the schemes are more efficient than existing one.
These schemes also take care of the inconsistencies in above two schemes.Comment: Published with ePrint Archiv
Lattice-Based Group Signatures: Achieving Full Dynamicity (and Deniability) with Ease
In this work, we provide the first lattice-based group signature that offers
full dynamicity (i.e., users have the flexibility in joining and leaving the
group), and thus, resolve a prominent open problem posed by previous works.
Moreover, we achieve this non-trivial feat in a relatively simple manner.
Starting with Libert et al.'s fully static construction (Eurocrypt 2016) -
which is arguably the most efficient lattice-based group signature to date, we
introduce simple-but-insightful tweaks that allow to upgrade it directly into
the fully dynamic setting. More startlingly, our scheme even produces slightly
shorter signatures than the former, thanks to an adaptation of a technique
proposed by Ling et al. (PKC 2013), allowing to prove inequalities in
zero-knowledge. Our design approach consists of upgrading Libert et al.'s
static construction (EUROCRYPT 2016) - which is arguably the most efficient
lattice-based group signature to date - into the fully dynamic setting.
Somewhat surprisingly, our scheme produces slightly shorter signatures than the
former, thanks to a new technique for proving inequality in zero-knowledge
without relying on any inequality check. The scheme satisfies the strong
security requirements of Bootle et al.'s model (ACNS 2016), under the Short
Integer Solution (SIS) and the Learning With Errors (LWE) assumptions.
Furthermore, we demonstrate how to equip the obtained group signature scheme
with the deniability functionality in a simple way. This attractive
functionality, put forward by Ishida et al. (CANS 2016), enables the tracing
authority to provide an evidence that a given user is not the owner of a
signature in question. In the process, we design a zero-knowledge protocol for
proving that a given LWE ciphertext does not decrypt to a particular message
Building Secure and Anonymous Communication Channel: Formal Model and its Prototype Implementation
Various techniques need to be combined to realize anonymously authenticated
communication. Cryptographic tools enable anonymous user authentication while
anonymous communication protocols hide users' IP addresses from service
providers. One simple approach for realizing anonymously authenticated
communication is their simple combination, but this gives rise to another
issue; how to build a secure channel. The current public key infrastructure
cannot be used since the user's public key identifies the user. To cope with
this issue, we propose a protocol that uses identity-based encryption for
packet encryption without sacrificing anonymity, and group signature for
anonymous user authentication. Communications in the protocol take place
through proxy entities that conceal users' IP addresses from service providers.
The underlying group signature is customized to meet our objective and improve
its efficiency. We also introduce a proof-of-concept implementation to
demonstrate the protocol's feasibility. We compare its performance to SSL
communication and demonstrate its practicality, and conclude that the protocol
realizes secure, anonymous, and authenticated communication between users and
service providers with practical performance.Comment: This is a preprint version of our paper presented in SAC'14, March
24-28, 2014, Gyeongju, Korea. ACMSAC 201
Deniable Ring Signatures
Thesis (M. Eng.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2007.Includes bibliographical references (p. 55-57).Ring Signatures were developed by Rivest, Shamir and Tauman, in a paper titled How to Leak a Secret, as a cryptographically secure way to authenticate messages with respect to ad-hoc groups while still maintaining the signer's anonymity. While their initial scheme assumed the existence of random oracles, in 2005 a scheme was developed that does not use random oracles and meets the strongest security definitions known in the literature. We argue that this scheme is not deniable, meaning if someone signs a message with respect to a ring of possible signers, and at a later time the secret keys of all of the possible signers are confiscated (including the author), then the author's anonymity is no longer guaranteed. We propose a modification to the scheme that guarantees anonymity even in this situation, using a scheme that depends on ring signature users generating keys that do not distinguish them from other users who did not intend to participate in ring signature schemes, so that our scheme can truly be called a deniable ring signature scheme.by Eitan Reich.M.Eng
Report and Trace Ring Signatures
We introduce report and trace ring signature schemes, balancing the desire for signer anonymity with the ability to report malicious behaviour and subsequently revoke anonymity. We contribute a formal security model for report and trace ring signatures that incorporates established properties of anonymity, unforgeability and traceability, and captures a new notion of reporter anonymity. We present a construction of a report and trace ring signature scheme, proving its security and analysing its efficiency, comparing with the state of the art in the accountable ring signatures literature. Our analysis demonstrates that our report and trace scheme is efficient, particularly for the choice of cryptographic primitives that we use to instantiate our construction. We contextualise our new primitive with respect to related work, and highlight, in particular, that report and trace ring signature schemes protect the identity of the reporter even after tracing is complete
- ā¦