Abstract
Ring signatures are an important primitive for protecting signers’ privacy while ensuring that a signature in question is indeed issued by some qualified user. This notion can be seen as a generalization of the well-known notion of group signatures. A group signature is a signature such that a verifier can establish its validity but not the identity of the actual signer, who can nevertheless be identified by a designated entity called group manager. A ring signature is also a signature such that a verifier can establish its validity but not the identity of the actual signer, who indeed can never be identified by any party. An important advantage of ring signatures over group signatures is that there is no need to pre-specify rings or groups of users.
In this paper, we argue that the lack of an accountability mechanism in ring signature schemes would result in severe consequences, and thus accountable ring signatures might be very useful. An accountable ring signature ensures the following: anyone can verify that the signature is generated by a user belonging to a set of possible signers that may be chosen on-the-fly, whereas the actual signer can nevertheless be identified by a designated trusted entity - a system-wide participant independent of any possible ring of users. Further, we present a system framework for accountable ring signatures. The framework is based on a compiler that transforms a traditional ring signature scheme into an accountable one. We also conduct a case study by elaborating on how a traditional ring signature scheme is transformed into an accountable one while assuming a weak trust model.
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
M. Abe, M. Ohkubo, and K. Suzuki. 1-out-of-n Signatures from a Variety of Keys. Asiacrypt’02.
R. Anderson and M. Kuhn. Low Cost Attacks on Tamper Resistant Devices. Security Protocol’97.
G. Ateniese, J. Camenisch, M. Joye, and G. Tsudik. A Practical and Provably Secure Coalition-Resistant Group Signature Scheme. Crypto’00.
M. Bellare, D. Pointcheval, and P. Rogaway. Authenticated Key Exchange Secure against Dictionary Attacks. Eurocrypt’00.
M. Bellare and P. Rogaway. Random Oracles Are Practical: A Paradigm for Designing Efficient Protocols. ACM CCS’93.
D. Boneh and M. Franklin. Efficient Generation of Shared RSA Keys (Extended Abstract). Crypto’97.
E. Bresson, J. Stern, and M. Szydlo. Threshold Ring Signatures and Applications to Ad-Hoc Groups. Crypto’02.
J. Camenisch. Efficient and Generalized Group Signatures. Eurorypt’97.
J. Camenisch and A. Lysyanskaya. Dynamic Accumulators and Application to Efficient Revocation of Anonymous Credentials. Crypto’02.
J. Camenisch and M. Michels. A Group Signature Scheme based on an RSA-variant. Tech. Report RS-98-27, BRICS. Preliminary version appeared at Asiacrypt’ 98.
J. Camenisch and M. Stadler. Efficient Group Signature Schemes for Large Groups (Extended Abstract). Crypto’97.
S. Canard and M. Girault. Implementing Group Signature Schemes with Smart Cards. Cardis’02.
D. Chaum. Blind Signatures for Untraceable Payments. Crypto’82.
S. Chaum and E. van Heyst. Group Signatures. Eurocrypt’91.
L. Chen and T. Pedersen. New Group Signature Schemes. Eurocrypt’94.
J. Coron, M. Joye, D. Naccache, and P. Paillier. Universal Padding Schemes for RSA. Crypto’02.
R. Cramer, I. Damgard, and B. Schoenmakers. Proofs of Partial Knowledge and Simplified Design of Witness Hiding Protocols. Crypto’94.
A. De Santis, G. Di Crescenzo, G. Persiano, and M. Yung. On Monotone Formula Closure of SZK. FOCS’94. pp 454–465.
Y. Desmedt. Simmons’ Protocol Is Not Free of Subliminal Channels. Computer Security Foundation Workshop’96.
A. Fiat and A. Shamir. How to Prove Yourself: Practical Solutions to Identification and Signature Problems. Crypto’86.
O. Goldreich, S. Goldwasser, and S. Micali. How to Construct Random Functions. J. ACM, Vol. 33, No. 4, 1986, pp 210–217.
S. Goldwasser and S. Micali. Probabilistic Encryption. JCSS, 1984.
S. Goldwasser, S. Micali, R. Rivest. A Digital Signature Scheme Secure against Adaptive Chosen-message Attacks. SIAM J. Computing, 17(2), 1988.
M. Naor, B. Pinkas, and O. Reingold. Distributed Pseudo-Random Functions and KDCs. Eurocrypt’99.
R. L. Rivest, A. Shamir, and L. Adleman. A Method for Obtaining Digital Signatures and Public-Key Cryptosystem. Communication of the ACM, Vol. 21, No. 2, 1978.
R. Rivest, A. Shamir, and Y. Tauman. How to Leak a Secret. Asiacrypt’01.
G. J. Simmons. The History of Subliminal Channels. IEEE Journal on Selected Areas in Communication, vol. 16, no. 4, May 1998.
G. Tsudik and S. Xu. Accumulating Composites and Improved Group Signing. Asiacrypt’03.
B. von Solms and D. Naccache, On Blind Signatures and Perfect Crimes, Computers & Security, 11(6), 1992, 581–583.
A. Young and M. Yung. Kleptography: using Cryptography Against Cryptography. Crypto’97.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2004 Springer Science + Business Media, Inc.
About this paper
Cite this paper
Xu, S., Yung, M. (2004). Accountable Ring Signatures: A Smart Card Approach. In: Quisquater, JJ., Paradinas, P., Deswarte, Y., El Kalam, A.A. (eds) Smart Card Research and Advanced Applications VI. IFIP International Federation for Information Processing, vol 153. Springer, Boston, MA. https://doi.org/10.1007/1-4020-8147-2_18
Download citation
DOI: https://doi.org/10.1007/1-4020-8147-2_18
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-4020-8146-0
Online ISBN: 978-1-4020-8147-7
eBook Packages: Springer Book Archive