A Practical Forward-Secure DualRing

A ring signature allows a signer to generate a signature on behalf of a set of public keys, while a verifier can verify the signature without identifying the actual signer. At CRYPTO 2021, Yuen et al. proposed a new type of ring signature scheme called DualRing. However, it lacks forward security: the security of DualRing cannot be guaranteed if the signer’s secret key is compromised. In this work, we introduce forward-secure DualRing. The signer can periodically update his secret key using our proposed “split-and-combine” method to mitigate the security risks caused by the leakage of secret keys. We present a practical scheme based on the discrete logarithm assumption, and we give a detailed evaluation to validate its practicality.
