Ring Signature Schemes for General Ad-Hoc Access Structures

In a ring signature scheme for ad-hoc access structures, members of a set can freely choose a family of sets including their own set. Then they use their secret keys and the public keys of the other users to compute a signature which enjoys two properties: the external verifier is convinced that all members of some set in the access structure have cooperated to compute the signature; but he has no information about which is the set whose members have actually signed the message. In this work we propose such a scheme, based on the ideas of a ring signature scheme for discrete logarithm scenarios. The scheme allows the choice of any general access structure, not only threshold ones, as it happened with previous constructions. We prove that the resulting scheme is anonymous and existentially unforgeable under chosen message attacks, assuming that the Discrete Logarithm problem is hard to solve.

[1]  Moni Naor,et al.  Deniable Ring Authentication , 2002, CRYPTO.

[2]  Moti Yung,et al.  Advances in Cryptology — CRYPTO 2002 , 2002, Lecture Notes in Computer Science.

[3]  Mihir Bellare,et al.  An Uninstantiable Random-Oracle-Model Scheme for a Hybrid-Encryption Problem , 2004, EUROCRYPT.

[4]  Yuliang Zheng,et al.  Advances in Cryptology — ASIACRYPT 2002 , 2002, Lecture Notes in Computer Science.

[5]  Kwangjo Kim,et al.  ID-Based Blind Signature and Ring Signature from Pairings , 2002, ASIACRYPT.

[6]  Masayuki Abe,et al.  1-out-of-n Signatures from a Variety of Keys , 2002, IEICE Trans. Fundam. Electron. Commun. Comput. Sci..

[7]  Jesper Buus Nielsen,et al.  Separating Random Oracle Proofs from Complexity Theoretic Proofs: The Non-committing Encryption Case , 2002, CRYPTO.

[8]  Jongin Lim,et al.  Information Security and Cryptology - ICISC 2003 , 2003, Lecture Notes in Computer Science.

[9]  Mihir Bellare,et al.  Random oracles are practical: a paradigm for designing efficient protocols , 1993, CCS '93.

[10]  Silvio Micali,et al.  A Digital Signature Scheme Secure Against Adaptive Chosen-Message Attacks , 1988, SIAM J. Comput..

[11]  Ran Canetti,et al.  The random oracle methodology, revisited , 2000, JACM.

[12]  Walter Fumy,et al.  Advances in Cryptology — EUROCRYPT ’97 , 2001, Lecture Notes in Computer Science.

[13]  Germán Sáez,et al.  Forking Lemmas for Ring Signature Schemes , 2003, INDOCRYPT.

[14]  Douglas R. Stinson,et al.  Advances in Cryptology — CRYPTO’ 93 , 2001, Lecture Notes in Computer Science.

[15]  Aggelos Kiayias,et al.  Traceable Signatures , 2004, EUROCRYPT.

[16]  Joseph K. Liu,et al.  A Separable Threshold Ring Signature Scheme , 2003, ICISC.

[17]  Colin Boyd,et al.  Advances in Cryptology - ASIACRYPT 2001 , 2001 .

[18]  Claus-Peter Schnorr,et al.  Efficient signature generation by smart cards , 2004, Journal of Cryptology.

[19]  Thomas Johansson,et al.  Progress in Cryptology - INDOCRYPT 2003 , 2003, Lecture Notes in Computer Science.

[20]  Amos Fiat,et al.  Broadcast Encryption , 1993, CRYPTO.

[21]  Ran Canetti,et al.  The random oracle methodology, revisited , 2000, JACM.

[22]  Adi Shamir,et al.  Identity-Based Cryptosystems and Signature Schemes , 1984, CRYPTO.

[23]  Yael Tauman Kalai,et al.  How to Leak a Secret: Theory and Applications of Ring Signatures , 2001, Essays in Memory of Shimon Even.

[24]  Jan Camenisch,et al.  Efficient and Generalized Group Signatures , 1997, EUROCRYPT.

[25]  Jacques Stern,et al.  Threshold Ring Signatures and Applications to Ad-hoc Groups , 2002, CRYPTO.