Forking Lemmas in the Ring Signatures' Scenario

Pointcheval and Stern introduced in 1996 some forking lemmas useful to prove the security of a family of digital signature schemes. This family includes, for example, Schnorr's scheme and a modi cation of ElGamal signature scheme. In this work we generalize these forking lemmas to the ring signatures' scenario. In a ring signature scheme, a signer in a subset (or ring) of potential signers produces a signature of a message in such a way that the receiver can verify that the signature comes from a member of the ring, but cannot know which member has actually signed. We propose a new ring signature scheme, based on Schnorr signature scheme, which provides unconditional anonymity. We use the generalized forking lemmas to prove that this scheme is existentially unforgeable under adaptive chosen-message attacks, in the random oracle model.

[1]  J. Camenisch E cient and Generalized Group Signatures , 1997 .

[2]  Amos Fiat,et al.  How to Prove Yourself: Practical Solutions to Identification and Signature Problems , 1986, CRYPTO.

[3]  Marc Joye,et al.  A Practical and Provably Secure Coalition-Resistant Group Signature Scheme , 2000, CRYPTO.

[4]  Jan Camenisch,et al.  A Group Signature Scheme with Improved Efficiency , 1998, ASIACRYPT.

[5]  Jacques Stern,et al.  Proofs of Knowledge for Non-monotone Discrete-Log Formulae and Applications , 2002, ISC.

[6]  Jean-Jacques Quisquater,et al.  A Practical Zero-Knowledge Protocol Fitted to Security Microprocessor Minimizing Both Transmission and Memory , 1988, EUROCRYPT.

[7]  Mihir Bellare,et al.  Random oracles are practical: a paradigm for designing efficient protocols , 1993, CCS '93.

[8]  Silvio Micali,et al.  A Digital Signature Scheme Secure Against Adaptive Chosen-Message Attacks , 1988, SIAM J. Comput..

[9]  John B. Shoven,et al.  I , Edinburgh Medical and Surgical Journal.

[10]  Kazuo Ohta,et al.  On Concrete Security Treatment of Signatures Derived from Identification , 1998, CRYPTO.

[11]  Claus-Peter Schnorr,et al.  Efficient signature generation by smart cards , 2004, Journal of Cryptology.

[12]  Taher ElGamal,et al.  A public key cyryptosystem and signature scheme based on discrete logarithms , 1985 .

[13]  Jacques Stern,et al.  Threshold Ring Signatures for Ad-hoc Groups , 2002, CRYPTO 2002.

[14]  Masayuki Abe,et al.  1-out-of-n Signatures from a Variety of Keys , 2002, IEICE Trans. Fundam. Electron. Commun. Comput. Sci..

[15]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[16]  Yael Tauman Kalai,et al.  How to Leak a Secret: Theory and Applications of Ring Signatures , 2001, Essays in Memory of Shimon Even.

[17]  Giovanni Di Crescenzo,et al.  On monotone formula closure of SZK , 1994, Proceedings 35th Annual Symposium on Foundations of Computer Science.

[18]  J. Camenisch Eecient Group Signature Schemes for Large Groups , 1997 .