Abstract
In this work we formalize the notion of a ring signature, which makes it possible to specify a set of possible signers without revealing which member actually produced the signature. Unlike group signatures, ring signatures have no group managers, no setup procedures, no revocation procedures, and no coordination: any user can choose any set of possible signers that includes himself, and sign any message by using his secret key and the others’ public keys, without getting their approval or assistance. Ring signatures provide an elegant way to leak authoritative secrets in an anonymous way, to sign casual email in a way that can only be verified by its intended recipient, and to solve other problems in multiparty computations.
Our main contribution lies in the presentation of efficient constructions of ring signatures; the general concept itself (under different terminology) was first introduced by Cramer et al. [CDS94]. Our constructions of such signatures are unconditionally signer-ambiguous, secure in the random oracle model, and exceptionally efficient: adding each ring member increases the cost of signing or verifying by a single modular multiplication and a single symmetric encryption. We also describe a large number of extensions, modifications and applications of ring signatures which were published after the original version of this work (in Asiacrypt 2001).
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Awasthi, A.K., Lal, S.: ID-based Ring Signature and Proxy Ring Signature Schemes from Bilinear Pairings. In: Cryptology ePrint Archive: Report 2004/184
Ateniese, G., de Medeiros, B.: Identity-based chameleon hash and applications. In: Juels, A. (ed.) FC 2004. LNCS, vol. 3110, pp. 164–180. Springer, Heidelberg (2004)
Abe, M., Ohkubo, M., Suzuki, K.: 1-out-of- n Signatures from a Variety of Keys. In: Zheng, Y. (ed.) ASIACRYPT 2002. LNCS, vol. 2501, pp. 415–432. Springer, Heidelberg (2002)
Boneh, D., Gentry, C., Lynn, B., Shacham, H.: Aggregate and Verfiably Encrypted Signatures from Bilinear Maps. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 416–432. Springer, Heidelberg (2003)
Bellare, M., Rogaway, P.: Random Oracles are Practical: a Paradigm for Designing Efficient Protocols. In: ACM Conference on Computer and Communications Security, pp. 62–73 (1993)
Bresson, E., Stern, J., Szydlo, M.: Threshold Ring Signatures and Applications to Ad-Hoc Groups (Extended abstract). In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 465–480. Springer, Heidelberg (2002)
Camenisch, J.: Efficient and Generalzied Group Sigmatures. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 465–479. Springer, Heidelberg (1997)
Chaum, D.: Untraceable Electronic Mail, Return Addresses and Digital Pseudonyms. Communications of the ACM 24(2), 84–88 (1981)
Chaump, D.: The Dining Cryptographers Problem: Unconditional Sender and Recipient Untraceability. Journal of Cryptology 1(1), 65–75 (1988)
Cramer, R., Damgård, I., Schoenmakers, B.: Proofs of partial knowledge and simplified design of witness hiding protocols. In: Desmedt, Y.G. (ed.) CRYPTO 1994. LNCS, vol. 839, pp. 174–187. Springer, Heidelberg (1994)
Chow, S.S.M., Hui, L.C.K., Yiu, S.M.: Identity Based Threshold Ring Signature. In Cryptology ePrint Archive: Report 2004/179
Chaum, D., Van Heyst, E.: Group signatures. In: Davies, D.W. (ed.) EUROCRYPT 1991. LNCS, vol. 547, pp. 257–265. Springer, Heidelberg (1991)
Chow, S.S.M., Yiu, S.M., Hui, L.C.K.: Efficient Identity Based Ring Signature. In Cryptology ePrint Archive: Report 2004/327
Diffie, W., Hellman, M.E.: New directions in cryptography. IEEE Trans. Inform. Theory IT-22, 644–654 (1976)
Dodis, Y., Kiayias, A., Nicolosi, A., Shoup, V.: Anonymous Identification in Ad-Hoc Groups. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 609–626. Springer, Heidelberg (2004)
Goldreich, O.: Foundations of Cryptography: Volume 2 – Basic Applications. Cambridge University Press, Cambridge (2004)
Goldschlag, D.M., Reed, M.G., Syverson, P.F.: Onion Routing for Anonymous and Private Internet Connections. Communications of the ACM 42(2), 39–41 (1999)
Herranz, J.: A Formal Proof of Security of Zhang and Kim’s ID-Based Ring Signature Scheme. In: WOSIS 2004, pp. 63–72 (2004)
Hanatani, Y., Ohta, K.: Two Stories of Ring Signatures. Crypto 2005 rump session talk, Available at http://www.iacr.org/conferences/crypto2005/r/38.ppt , A photo of the 1756 ”ring signature” is available at http://www.nihonkoenmura.jp/theme3/takarabito07.htm
Herranz, J., Saez, G.: Forking Lemmas in the Ring Signatures’ Scenario. In: Cryptology ePrint Archive: Report 2003/067
Herranz, J., Saez, G.: Ring Signature Schemes for General Ad-Hoc Access Structures. In: Castelluccia, C., Hartenstein, H., Paar, C., Westhoff, D. (eds.) ESAS 2004. LNCS, vol. 3313, pp. 54–65. Springer, Heidelberg (2005)
Herranz, J., Saez, G.: New Identity-Based Ring Signature Schemes. In: López, J., Qing, S., Okamoto, E. (eds.) ICICS 2004. LNCS, vol. 3269, pp. 27–39. Springer, Heidelberg (2004)
Herranz, J., Saez, G.: Distributed Ring Signatures for Identity-Based Scenarios. In: Cryptology ePrint Archive: Report 2004/190
Hardy, G.H., Wright, E.M.: An Introduction to the Theory of Numbers, 5th edn. Oxford (1979)
Jakobsson, M., Sako, K., Impagliazzo, R.: Designated verifier proofs and their applications. In: Maurer, U.M. (ed.) EUROCRYPT 1996. LNCS, vol. 1070, pp. 143–154. Springer, Heidelberg (1996)
Kuwakado, H., Tanaka, H.: Threshold Ring Signature Scheme Based on the Curve. IPSJ JOURNAL Abstract, 44, 8–32
Luby, M., Rackoff, C.: How to construct pseudorandom permutations from pseudorandom functions. SIAM J. Computing 17(2), 373–386 (1988)
Lv, J., Ren, K., Chen, X., Kim, K.: Ring Authenticated Encryption: A New Type of Authenticated Encryption. In: The 2004 Symposium on Cryptography and Information Security, vol. 1(2), pp. 1179–1184 (2004)
Lin, C.Y., Wu, T.C.: An Identity Based Ring Signature Scheme from Bilinear Pairings. In: Cryptology ePrint Archive, Report 2003/117 (2003)
Lv, J., Wang, X.: Verifiable Ring Signature. In: Proc. of DMS 2003 - The 9th International Conference on Distribted Multimedia Systems, pp. 663–667 (2003)
Liu, J.K., Wei, V.K., Wong, D.S.: Wong A Separable Threshold Ring Signature Scheme. In: Lim, J.-I., Lee, D.-H. (eds.) ICISC 2003. LNCS, vol. 2971, pp. 12–26. Springer, Heidelberg (2004)
Liu, J.K., Wei, V.K., Wong, D.S.: Linkable Spontaneous Anonymous Group Signatures for Ad Hoc Groups (Extended Abstract). In: Wang, H., Pieprzyk, J., Varadharajan, V. (eds.) ACISP 2004. LNCS, vol. 3108, pp. 325–335. Springer, Heidelberg (2004)
Naor, M.: Deniable Ring Authentication. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 481–498. Springer, Heidelberg (2002)
Rabin, M.: Digitalized signatures as intractable as factorization. Technical Report MIT/LCS/TR-212, MIT Laboratory for Computer Science (January 1979)
Rivest, R.L., Shamir, A., Adleman, L.M.: A method for obtaining digital signatures and public-key cryptosystems. Communications of the ACM 21(2), 120–126 (1978)
Shamir, A.: Identity Based Cryptosystems and Signature Schemes. In: Blakely, G.R., Chaum, D. (eds.) CRYPTO 1984. LNCS, vol. 196, pp. 47–53. Springer, Heidelberg (1985)
De Santis, A., Di Crescenzo, G., Persiano, G., Yung, M.: On monotone formula closure of SZK. In: Proc. 35th FOCS, pp. 454–465. IEEE, New York (1994)
Susilo, W., Mu, Y.: Non-Interactive Deniable Ring Authentication. In: the 6th International Conference on Information Security and Cryptology ICISC 2003, pp. 397–412 (2003)
Susilo, W., Mu, Y.: Deniable Ring Authentication Revisited. In: Jakobsson, M., Yung, M., Zhou, J. (eds.) ACNS 2004. LNCS, vol. 3089, pp. 149–163. Springer, Heidelberg (2004)
Tang, C., Liu, Z., Wang, M.: An Improved Identity-Based Ring Signature Scheme from Bilinear Pairings. In: NM Research Preprints, MMRC, AMSS, Academia, Sinica, No. 22, Beijing, pp. 231–234 (December 2003)
Tsang, P.P., Wei, V.K., Chan, T.K., Au, M.H., Liu, J.K., Wong, D.S.: Separable Linkable Threshold Ring Signatures. In: Canteaut, A., Viswanathan, K. (eds.) INDOCRYPT 2004. LNCS, vol. 3348, pp. 384–398. Springer, Heidelberg (2004)
Wei, V.K.: A Bilinear Spontaneous Anonymous Threshold Signature for Ad Hoc Groups. In: Cryptology ePrint Archive: Report 2004/039
Wong, D.S., Fung, K., Liu, J.K., Wei, V.K.: On the RS-Code Construction of Ring Signature Schemes and a Threshold Setting of RST. In: Qing, S., Gollmann, D., Zhou, J. (eds.) ICICS 2003. LNCS, vol. 2836, pp. 34–46. Springer, Heidelberg (2003)
Xu, S., Yung, M.: Accountable Ring Signatures: A Smart Card Approach. In: Sixth Smart Card Research and Advanced Application IFIP Conference, pp. 271–286
Zhang, F., Kim, K.: ID-Based Blind Signature and Ring Signature from Pairings. In: Zheng, Y. (ed.) ASIACRYPT 2002. LNCS, vol. 2501, pp. 533–547. Springer, Heidelberg (2002)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this chapter
Cite this chapter
Rivest, R.L., Shamir, A., Tauman, Y. (2006). How to Leak a Secret: Theory and Applications of Ring Signatures. In: Goldreich, O., Rosenberg, A.L., Selman, A.L. (eds) Theoretical Computer Science. Lecture Notes in Computer Science, vol 3895. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11685654_7
Download citation
DOI: https://doi.org/10.1007/11685654_7
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-32880-3
Online ISBN: 978-3-540-32881-0
eBook Packages: Computer ScienceComputer Science (R0)