ABSTRACT
Though anonymity of ring signature schemes has been studied in many literatures for a long time, these papers showed different definitions and there is no consensus. Recently, Bender et al. proposed two new anonymity definitions of ring signature which is stronger than the traditional definition, that are called anonymity against attribution attacks/full key exposure. Also, ring signature schemes have two levels of unforgeability definitions, i.e., existential un-forgeability (eUF) and strong existential unforgeability (sUF). In this paper, we will redefine anonymity and unforgeability definitions from the standpoint of universally composable (UC) security framework. First, we will formulate new ideal functionalities of ring signature schemes for each security levels separately. Next, we will show relations between cryptographic security definitions and our UC definitions. Finally, we will give another proof of the Bender et al.'s ring signature scheme following the UC secure definition by constructing a simulator to an adversary of sUF, which can be adaptable to the case of sUF under the assumption of a standard single sUF signature scheme.
- A. Bender, J. Katz, and R. Morselli. Ring Signatures: Stronger Definitions, and Constructions Without Random Oracles. In TCC 2006, pages 60--79, 2006. Google ScholarDigital Library
- K. Yoneyama, Y. Hanatani, B. Santoso, and K. Ohta. Universally Composable Ring Signature. In IWSEC2006, 2006.Google Scholar
Index Terms
- Ring signatures: universally composable definitions and constructions
Recommendations
Cryptanalysis of a Generalized Ring Signature Scheme
The concept of ring signature was first introduced by Rivest et al. in 2001. In a ring signature, instead of revealing the actual identity of the message signer, it specifies a set of possible signers. The verifier can be convinced that the signature ...
Policy-controlled signatures and their applications
In this paper, we present a new cryptographic primitive called "policy-controlled signatures". In this notion, a signer can sign a message and attach it with some policies. Only a verifier who satisfies the policies attached can verify the authenticity ...
Enhancement of Generalized Ring Signatures with Convertibility
ISBAST '12: Proceedings of the 2012 International Symposium on Biometrics and Security TechnologiesRing signature is a kind of group-oriented signature. It allows a member of a group to sign messages on behalf of the group without revealing her/his identity. The verifier can be convinced that the signature was indeed generated by one of the ring ...
Comments