Advertisement

Ring Signature

  • Joseph K. Liu
Chapter

Abstract

In this chapter, we discuss the basics of ring signature—a kind of anonymous signature that allows a user to sign on behalf of a self-formed group such that the verifier only knows that the signer is one of the users of this group but cannot find out the identification information (such as public key) of the real signer. We give the security model and a simple construction based on discrete logarithm setting. Then, we cover a variant called linkable ring signature, which provides linkability in addition to the property of a normal ring signature. Finally, we present a commercial application of (linkable) ring signature in blockchain called Ring Confidential Transaction (RingCT), which is the privacy-preserving protocol used in Monero, one of the largest cryptocurrencies in the world.

References

  1. 1.
    Abe, M., Ohkubo, M., & Suzuki, K. (2002). 1-out-of-n signatures from a variety of keys. In Y. Zheng (Ed.), Advances in Cryptology - ASIACRYPT 2002, Proceedings (vol. 2501, pp. 415–432)., Lecture notes in computer science Berlin: Springer.Google Scholar
  2. 2.
    Rivest, R.L., Shamir, A., & Tauman, Y. (2001). How to leak a secret. In C. Boyd (Ed.), Advances in Cryptology - ASIACRYPT 2001, Proceedings (vol. 2248, pp. 552–565)., Lecture notes in computer science. Berlin: Springer.CrossRefGoogle Scholar
  3. 3.
    Cramer, R., Damgård, I., & Schoenmakers, B. (1994). Proofs of partial knowledge and simplified design of witness hiding protocols. In Y. Desmedt (Ed.), Advances in Cryptology - CRYPTO ’94, Proceedings (vol. 839, pp. 174–187)., Lecture notes in computer science. Berlin: Springer.Google Scholar
  4. 4.
    Bellare, M., Micciancio, D., & Warinschi, B. (2003). Foundations of group signatures: formal definitions, simplified requirements, and a construction based on general assumptions. In E. Biham (Ed.), Advances in Cryptology - EUROCRYPT 2003, Proceedings (vol. 2656, pp. 614–629)., Lecture notes in computer science. Berlin: Springer.Google Scholar
  5. 5.
    Camenisch, J., & Stadler, M. (1997). Efficient group signature schemes for large groups (Extended Abstract). In B. S. K. Jr (Ed.), Advances in Cryptology - CRYPTO ’97, Proceedings (vol. 1294, pp. 410–424)., Lecture notes in computer science. Berlin: Springer.CrossRefGoogle Scholar
  6. 6.
    Chaum, D., & van Heyst, E. (1991). Group signatures. In D. W. Davies (Ed.), Advances in Cryptology - EUROCRYPT ’91, Proceedings (vol. 547, pp. 257–265)., Lecture notes in computer science. Berlin: Springer.CrossRefGoogle Scholar
  7. 7.
    Zhang, F., & Kim, K. (2002). ID-based blind signature and ring signature from pairings. In Y. Zheng (Ed.), Advances in Cryptology - ASIACRYPT 2002, Proceedings (vol. 2501, pp. 533–547)., Lecture notes in computer science. Berlin: Springer.Google Scholar
  8. 8.
    Dodis, Y., Kiayias, A., Nicolosi, A., & Shoup, V. (2004). Anonymous identification in Ad Hoc groups. In C. Cachin & J. Camenisch (Eds.), Advances in Cryptology - EUROCRYPT 2004, Proceedings (vol. 3027. pp. 609–626)., Lecture notes in computer science. Berlin: Springer.CrossRefGoogle Scholar
  9. 9.
    Liu, J. K., Wei, V. K., & Wong, D. S. (2004). Linkable spontaneous anonymous group signature for Ad Hoc groups (Extended Abstract). In Information Security and Privacy: 9th Australasian Conference, ACISP 2004 (vol. 3108, pp. 325–335)., Lecture notes in computer science. Berlin: Springer.CrossRefGoogle Scholar
  10. 10.
    Au, M. H., Liu, J. K., Susilo, W., & Yuen, T. H. (2006). Constant-size id-based linkable and revocable-iff-linked ring signature. In INDOCRYPT 2006 (vol. 4329, pp. 364–378)., Lecture notes in computer science. Berlin: Springer.CrossRefGoogle Scholar
  11. 11.
    Liu, D. Y. W., Liu, J. K., Mu, Y., Susilo, W., & Wong, D. S. (2007). Revocable ring signature. Journal of Computer Science and Technology, 22(6), 785–794.MathSciNetCrossRefGoogle Scholar
  12. 12.
    Bresson, E., Stern, J., Szydlo, M. (2002). Threshold ring signatures and applications to ad-hoc groups. In 22nd Annual International Cryptology Conference on Advances in Cryptology - CRYPTO 2002, Santa Barbara, California, USA, August 18-22, 2002, Proceedings (vol. 2442, pp. 465–480)., Lecture notes in computer science. Berlin: Springer.CrossRefGoogle Scholar
  13. 13.
    Bresson, E., Stern, J., & Szydlo. M. (2002). Threshold ring signatures and applications to Ad-hoc groups. In M. Yung (Ed.), Advances in Cryptology - CRYPTO 2002, Proceedings (vol. 2442. pp. 465–480)., Lecture notes in computer science. Berlin: Springer.CrossRefGoogle Scholar
  14. 14.
    Susilo, W., & Mu, Y. (2004). Non-interactive deniable ring authentication. In J.I. Lim & D.H. Lee (Eds.), Information Security and Cryptology - ICISC 2003, Revised Papers (vol. 2971, pp. 386–401)., Lecture notes in computer science. Berlin: Springer.CrossRefGoogle Scholar
  15. 15.
    Susilo, W., Mu, Y., & Zhang, F. (2004). Perfect concurrent signature schemes. In J. Lopez, S. Qing, & E. Okamoto (Eds.), Information and Communications Security, 6th International Conference, ICICS 2004, Proceedings (vol. 3269, pp. 14–26)., Lecture notes in computer science. Berlin: Springer.CrossRefGoogle Scholar
  16. 16.
    Laguillaumie, F., & Vergnaud, D. (2004). Multi-designated verifiers signatures. In J. Lopez, S. Qing, & E. Okamoto (Eds.), Information and Communications Security, 6th International Conference, ICICS 2004, Proceedings (vol. 3269, pp. 495–507)., Lecture notes in computer science. Berlin: Springer.CrossRefGoogle Scholar
  17. 17.
    Noether, S. (2015). Ring signature confidential transactions for monero. IACR Cryptology. arXiv:2015:1098
  18. 18.
    Au, M. H., Chow, S. S. M., Susilo, W., & Tsang, P. P. (2006). Short linkable ring signatures revisited. In Public Key Infrastructure, Third European PKI Workshop: Theory and Practice, EuroPKI 2006, Turin, Italy, June 19-20, 2006, Proceedings (vol. 4043, pp. 101–115)., Lecture notes in computer science. Berlin: Springer.CrossRefGoogle Scholar
  19. 19.
    Au, M. H., Liu, J. K., Susilo, W., & Yuen, T. H. (2013). Secure id-based linkable and revocable-iff-linked ring signature with constant-size construction. Theoretical Computer Science, 469, 1–14.MathSciNetCrossRefGoogle Scholar
  20. 20.
    Groth, J., & Kohlweiss, M. (2015). One-out-of-many proofs: Or how to leak a secret and spend a coin. In Advances in Cryptology - EUROCRYPT 2015 - 34th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Sofia, Bulgaria, April 26-30, 2015, Proceedings, Part II (vol. 9057, pp. 253–280)., Lecture notes in computer science. Berlin: Springer.Google Scholar
  21. 21.
    Libert, B., Ling, S., Nguyen, K., & Wang, H. (2016). Zero-knowledge arguments for lattice-based accumulators: Logarithmic-size ring signatures and group signatures without trapdoors. In Advances in Cryptology - EUROCRYPT 2016 - 35th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Vienna, Austria, May 8-12, 2016, Proceedings, Part II (vol. 9666, pp. 1–31)., Lecture notes in computer science. Berlin: Springer.Google Scholar
  22. 22.
    Torres, W.A.A., Steinfeld, R., Sakzad, A., Liu, J.K., Kuchta, V., Bhattacharjee, N., et al. (2018). Post-quantum one-time linkable ring signature and application to ring confidential transactions in blockchain (lattice ringct v1.0). In ACISP 2018 (vol. 10946, pp. 558–576)., Lecture notes in computer science. Berlin: Springer.Google Scholar
  23. 23.
    Derler, D., Ramacher, S., & Slamanig, D. (2018). Post-quantum zero-knowledge proofs for accumulators with applications to ring signatures from symmetric-key primitives. In PQCrypto 2018 (vol. 10786, pp. 419–440)., Lecture notes in computer science. Berlin: Springer.CrossRefGoogle Scholar

Copyright information

© Springer Nature Singapore Pte Ltd. 2019

Authors and Affiliations

  1. 1.Faculty of Information TechnologyMonash UniversityMelbourneAustralia

Personalised recommendations