Signer-anonymity is the central feature of ring signatures, which enable a
user to sign messages on behalf of an arbitrary set of users, called the ring,
without revealing exactly which member of the ring actually generated the
signature. Strong and long-term signer-anonymity is a reassuring guarantee for
users who are hesitant to leak a secret, especially if the consequences of
identification are dire in certain scenarios such as whistleblowing. The notion
of \textit{unconditional anonymity}, which protects signer-anonymity even
against an infinitely powerful adversary, is considered for ring signatures
that aim to achieve long-term signer-anonymity. However, the existing
lattice-based works that consider the unconditional anonymity notion did not
strictly capture the security requirements imposed in practice, this leads to a
realistic attack on signer-anonymity.
In this paper, we present a realistic attack on the unconditional anonymity
of ring signatures, and formalize the unconditional anonymity model to strictly
capture it. We then propose a lattice-based ring signature construction with
unconditional anonymity by leveraging bonsai tree mechanism. Finally, we prove
the security in the standard model and demonstrate the unconditional anonymity
through both theoretical proof and practical experiments