In 2002, Abe, Ohkubo, and Suzuki developed a new type of ring signature based on the discrete logarithm problem, which used a novel commitment structure to gain significant savings in size and verification time for ring signatures[AOS02]. Ring signatures are signatures using n verification keys which require knowledge of one of the corresponding secret keys. They can therefore be considered a signature of a disjunctive statement “I know x1 OR I know x2 OR . . . ”. We generalise their construction to handle conjunctive statements “I know one of {x1,x2,x3, . . .} AND one of {x4,x5,x6, . . .} AND . . . ” and thereby gain the ability to express knowledge of any monotone boolean function of the signing keys. This can be trivially done by use of multiple independent ring signatures; our construction saves space relative to this by sharing commitments across the individual rings. We also describe a new way of thinking about these ring signatures, and ordinary Schnorr signatures, in terms of “causal loops” which may provide a framework for further generalisations. ∗This work was sponsored by Blockstream. †greg@xiph.org, apoelstra@wpsoftware.net
[1]
R. Robinson,et al.
Plato's Theory of Ideas
,
1952
.
[2]
Amos Fiat,et al.
How to Prove Yourself: Practical Solutions to Identification and Signature Problems
,
1986,
CRYPTO.
[3]
Josh Benaloh,et al.
Generalized Secret Sharing and Monotone Functions
,
1990,
CRYPTO.
[4]
C. P. Schnorr,et al.
Efficient Identification and Signatures for Smart Cards (Abstract)
,
1989,
EUROCRYPT.
[5]
Mihir Bellare,et al.
Random oracles are practical: a paradigm for designing efficient protocols
,
1993,
CCS '93.
[6]
Ivan Damgård,et al.
Proofs of Partial Knowledge and Simplified Design of Witness Hiding Protocols
,
1994,
CRYPTO.
[7]
Hugo Krawczyk,et al.
Chameleon Hashing and Signatures
,
1998,
IACR Cryptol. ePrint Arch..
[8]
Yael Tauman Kalai,et al.
How to Leak a Secret: Theory and Applications of Ring Signatures
,
2001,
Essays in Memory of Shimon Even.
[9]
Masayuki Abe,et al.
1-out-of-n Signatures from a Variety of Keys
,
2002,
IEICE Trans. Fundam. Electron. Commun. Comput. Sci..