Identity-Based Linkable Ring Signatures From Lattices
Ngọc Thành Lê2021, IEEE Access
Sign up for access to the world's latest research
checkGet notified about relevant papers
checkSave papers to use in your research
checkJoin the discussion with peers
checkTrack your impact
Abstract
Linkable ring signatures is a useful cryptographic tool for constructing applications such as ones relative to electronic voting (e-voting), digital cashes (e-cashes) as well as cloud computing. Equipped with linkable ring signatures, e-voting, e-cash systems can simultaneously enjoy the privacy and the unreusability properties thanks to the anonymity and the linkability of linkable ring signatures. Likewise, cloud servers can enjoy a privacy-preserving ability, a flexible access control and an efficient security management with linkable ring signatures. Moreover, linkable ring signatures built in the identity-based setting would help to remove the expense of using the conventional public key infrastructure and also could be applied to the user management. This primitive hence would be suitable for huge-scale applications. In this paper, we present the first identity-based linkable ring signatures (IdLRS) in both integer lattice and ideal lattice setting. The proposed IdLRS is proved secure in the random oracle model and based on the hardness of the short integer solution and ring short integer solution assumption. We also implement the proposed idLRS as a proof of concept and then do some experiments to evaluate the running times and the sizes. INDEX TERMS Identity-based linkable ring signatures, e-voting, e-cash, cloud computing, lattices.
Related papers
A provably secure identity-based proxy ring signature based on RSA
Security and Communication Networks, 2014
Proxy ring (anonymous proxy) signatures allow an entity to delegate its signing capability to a group of entities (proxy group) such that only one of the members in the proxy group can generate a proxy signature on behalf of the delegator while privacy of the proxy signer is protected. Identity-based versions of proxy ring signatures employ identity strings in place of randomly generated public keys. Our contribution is two-fold. First, we formalize a security model for identity-based proxy ring signatures. We note that there exists no formal security model for identity-based proxy ring signatures prior to our work. Second, we present the rst provably secure identity-based proxy ring signature scheme using a new paradigm called sequential aggregation. The construction is proved secure, under the one-wayness assumption of RSA, in the random oracle model by presenting a new forking lemma.We should highlight that the proxy key exposure attack cannot be applied to our scheme. Further, in contrast to the existing schemes that are based on pairings, our scheme is based on RSA; therefore, it outperforms the existing schemes in terms of eciency and practicality.
An identity based ring signcryption scheme with public verifiability
2010 International Conference on Security and Cryptography (SECRYPT), 2010
Signcryption is a cryptographic primitive which offers authentication and confidentiality simultaneously with a cost lower than signing and encrypting the message independently. Ring signcryption enables a user to anonymously signcrypt a message on behalf of a set of users including himself. Thus a ring signcrypted message has anonymity in addition to authentication and confidentiality. Ring signcryption schemes have no centralized coordination: any user can choose a ring of users, that includes himself and signcrypt any message without any assistance from the other group members. Ring Signcryption is useful for leaking trustworthy secrets in an anonymous, authenticated and confidential way. To the best of our knowledge, ten identity based ring signcryption schemes are reported in the literature. Three of them were proved to be insecure in (Li et al., 2008a), (Zhang et al., 2009a) and (Vivek et al., 2009). Four of them were proved to be insecure in (Selvi et al., 2009). In this pape...
On the Security of Identity Based Ring Signcryption Schemes
Lecture Notes in Computer Science, 2009
Signcryption is a cryptographic primitive which offers authentication and confidentiality simultaneously with a cost lower than signing and encrypting the message independently. Ring signcryption enables a user to signcrypt a message along with the identities of a set of potential senders (that includes him) without revealing which user in the set has actually produced the signcryption. Thus a ring signcrypted message has anonymity in addition to authentication and confidentiality. Ring signcryption schemes have no group managers, no setup procedures, no revocation procedures and no coordination: any user can choose any set of users (ring), that includes himself and signcrypt any message by using his private and public key as well as other users (in the ring) public keys, without getting any approval or assistance from them. Ring Signcryption is useful for leaking trustworthy secrets in an anonymous, authenticated and confidential way.
An identity-based ring signature scheme with enhanced privacy
… and Workshops, 2006, 2006
There are many applications in which it is necessary to transmit authenticatable messages while achieving certain privacy goals such as signer ambiguity. The emerging area of vehicular ad-hoc network is a good example application domain with this requirement. The ring signature technique that uses an ad-hoc group of signer identities is a widely used method for generating this type of privacy preserving digital signatures. The identity-based cryptographic techniques do not require certificates. The construction of ring signatures using identity-based cryptography allow for privacy preserving digital signatures to be created in application when certificates are not readily available or desirable such as in vehicle area networks. We propose a new designated verifier identitybased ring signature scheme that is secure against full key exposure attacks even for a small group size. This is a general purpose primitive that can be used in many application domains such as ubiquitous computing where signer ambiguity is required in small groups. We consider the usefulness of identity-based cryptographic primitives in vehicular adhoc networks and use a specific example application to illustrate the use of identity-based ring signatures as a tool to create privacy preserving authenticatable messages.
An Identity-Based Ring Signcryption Scheme
2013
Signcryption enables a user to perform digital signature for providing authenticity and public key encryption for providing message confidentiality simultaneously in a single logical step with a cost lesser than sign-then-encrypt approach. As the concept of ring signcryption emerged, various practical applications like electronic transaction protocol and key management protocols, felt the requirement of signer's privacy, which was lacking in normal signcryption schemes. Without revealing the users' identity of the ring signcryption can provide confidentiality and authenticity both. In this paper, we present a new ID-based ring signcryption scheme, motivated to the scheme provided by Zhu et al.[9]. Selvi et al. [17] and Wang et al. [23] found some security flaws in the Zhu's scheme , which is being considered and repaired in this paper. The proposed scheme is proven to be secure against adaptive chosen ciphertext ring attacks (IND-IDRSC-CCA2) and secure against an existential forgery for adaptive chosen message attacks (EF-IDRSC-ACMA).
Escrowed Linkability of Ring Signatures and its Applications
2006
Ring signatures allow a user to sign anonymously on behalf of a group of spontaneously conscripted members. Two ring signatures are linked if they are issued by the same signer. We introduce the notion of Escrowed Linkability of ring signatures, such that only a Linking Authority can link two ring signatures; otherwise two ring signatures remain unlinkable to anyone.
Short Linkable Ring Signatures Revisited
2006
Abstract. Ring signature is a group-oriented signature in which the signer can spontaneously form a group and generate a signature such that the verifier is convinced the signature was generated by one member of the group and yet does not know who actually signed. Linkable ring signature is a variant such that two signatures can be linked if and only if they were signed by the same person. Recently, the first short linkable ring signature has been proposed.
A Certificateless Proxy Ring Signature Scheme with Provable Security
2011
Proxy ring signature allows proxy signer to sign messages on behalf of the original signer while providing anonymity. Certificateless public key cryptography was first introduced by Al-Riyami and Paterson in Asiacrypt 2003. In certificateless cryptography, it does not require the use of certificates to guarantee the authenticity of users' public keys. Meanwhile, certificateless cryptography does not have the key escrow problem, which seems to be inherent in the Identity-based cryptography. In this paper, we introduce the notion of proxy ring signature into certificateless public key cryptography and propose a concrete certificateless proxy ring signature scheme. The security models of certificateless proxy ring signature are also formalized. The security of the proposed scheme can be proved to be equivalent to the computational Diffie-Hellman problem in the random oracle with a tight reduction.
Id-based ring signature and proxy ring signature schemes from bilinear pairings. Cryptology ePrint Archive, Report 2004/184
Advances in Neural Information Processing Systems. …, 2004
Identity-Based Ring Signature for Data Sharing in Cloud with Forward Security
Cloud computing greatly facilitates information providers who ought to supply their info to the cloud whereas not revealing their sensitive information to external parties. data sharing has ne'er been easier with the advances of cloud computing, and an correct analysis on the shared data provides an array of advantages to each the society and people. data sharing with an outsized variety of participants should take into consideration many problems, together with efficiency, data integrity and privacy of information owner. In existing system Cloud applications have completely different necessities in terms of price and quality, and different applications can co-exist within the same cloud infrastructure that have different tradeoffs between these.it permits completely different applications to implement their own tradeoffs transparently by abstracting away the task of allocating resources between applications with differing necessities to an auction mechanism.in existing system,If a secret key of any user has been compromised then the we have a tendency to loose all the information that we ar sharing for this reason we tends to projected model. Ring signature could be a promising candidate to construct an anonymous and authentic data sharing system. It permits Data owner to anonymously certify his data which may be place into the cloud for storage or analysis purpose. nonetheless the expensive certificate verification within the ancient public key infrastructure (PKI) setting becomes a bottleneck for this resolution to be scalable. Identity-based (ID-based) ring signature, that eliminates the method of certificate verification. we any enhance the safety of ID-based ring signature by providing forward security: If a secret key of any user has been compromised, all previous generated signatures that embody this user still stay valid. This property is very vital to any giant scale data sharing system, because it is not possible to raise all data owners to reauthenticate their data even if a secret key of 1 single user has been compromised. we offer a concrete and economical instantiation of our theme, prove its security and supply an implementation to indicate its utility.
Related topics
Related papers
An efficient and provable secure identity-based ring signcryption scheme
Computer Standards & Interfaces, 2009
a b s t r a c t ID-based ring signcryption schemes (IDRSC) are usually derived from bilinear parings, a powerful but computationally expensive primitive. The number of paring computations of all existing ID-based ring signcryption schemes from bilinear pairings grows linearly with group size, which makes the efficiency of IDbased schemes over traditional schemes questionable. This paper presents a new identity-based ring signcryption scheme, which only takes four pairing operations for any group size and the scheme is proven to be indistinguishable against adaptive chosen ciphertext ring attacks (IND-IDRSC-CCA2) and existentially unforgeable against adaptive chosen message and identity attacks (EUF-IDRSC-ACMA) under the random oracle model.
An efficient and secure ID-based multi-proxy multi-signature scheme based on lattice
2019
Multi-proxy multi-signature schemes are useful in distributed networks, where a group of users cooperatively could delegate their administrative rights to the users of another group, who are authorized to generate the proxy signatures cooperatively on behalf of the original signers. In this paper, we aim to propose an ID-based lattice-based multiproxy multi-signature (ILMPMS) scheme, which enjoys security against quantum computers and efficiency due to ID-based framework, linear operations and possibility of parallel computations based on lattices. For this purpose, we first propose an ID-based lattice-based multi-signature scheme, used as the underlying signature in our ILMPMS scheme. We prove existential unforgeability of both schemes against adaptive chosenmessage attack in the random oracle model based on the hardness of the learning with errors problem over standard lattices.
COIRS: Cost Optimized Identity based Ring Signature with Forward Secrecy in Cloud Computing
In recent days Cloud computing is a rising technique which offers data sharing with more efficient, effective and economical approaches between group members. To create an authentic and anonymous data sharing, IDentity based Ring Signature (ID-RS) is one of the promising technique between the groups. Ring signature scheme permits the manager or data owner to authenticate into the system in anonymous manner. In conventional Public Key Infrastructure (PKI) data sharing scheme contains certificate authentication process, which is a bottleneck because of its high cost. To avoid this problem, we proposed Cost Optimized Identity based Ring Signature with forward secrecy (COIRS) scheme. This scheme helps to remove the traditional certificate verification process. Only once the user needs to be verified by the manager giving his public details. The cost and time required for this process is comparatively less than traditional public key infrastructure. If the secret key holder has been compromised, all early generated signatures remains valid (Forward Secrecy). This paper discuss about how to optimize the time and cost when sharing the files to the cloud. We provide a protection from collision attack, which means revoked users will not get the original documents. In general better efficiency and secrecy can be provided for group sharing by applying above approaches.
Post-Quantum One-Time Linkable Ring Signature and Application to Ring Confidential Transactions in Blockchain (Lattice RingCT v1.0)
Information Security and Privacy, 2018
In this paper, we construct a Lattice-based one-time Linkable Ring Signature (L2RS) scheme, which enables the public to verify if two or more signatures were generated by same signatory, whilst still preserving the anonymity of the signatory. The L2RS provides unconditional anonymity and security guarantees under the Ring Short Integer Solution (Ring-SIS) lattice hardness assumption. The proposed L2RS scheme is extended to be applied in a protocol that we called Lattice Ring Confidential transaction (Lattice RingCT) RingCT v1.0, which forms the foundation of the privacy-preserving protocol in any post-quantum secure cryptocurrency such as Hcash.
Secure ID-based linkable and revocable-iff-linked ring signature with constant-size construction
Theoretical Computer Science, 2013
In this paper, we propose a new ID-based event-oriented linkable ring signature scheme, with an option as revocable-iff-linked. With this option, if a user generates two linkable ring signatures in the same event, everyone can compute his identity from these two signatures. We are the first in the literature to propose such a secure construction in ID-based setting. Even compared with other existing non ID-based schemes, we enjoy significant efficiency improvement, including constant signature size and linking complexity.
A suite of id-based threshold ring signature schemes with different levels of anonymity
2005
Abstract. Since the introduction of Identity-based (ID-based) cryptography by Shamir in 1984, numerous ID-based signature schemes have been proposed. In 2001, Rivest et al. introduced ring signature that provides irrevocable signer anonymity and spontaneous group formation. In recent years, ID-based ring signature schemes have been proposed and all of them are based on bilinear pairings. In this paper, we propose the first ID-based threshold ring signature scheme that is not based on bilinear pairings.
Ring Signatures: Stronger Definitions, and Constructions without Random Oracles
Journal of Cryptology, 2009
Ring signatures, first introduced by Rivest, Shamir, and Tauman, enable a user to sign a message so that a ring of possible signers (of which the user is a member) is identified, without revealing exactly which member of that ring actually generated the signature. In contrast to group signatures, ring signatures are completely "ad-hoc" and do not require any central authority or coordination among the various users (indeed, users do not even need to be aware of each other); furthermore, ring signature schemes grant users fine-grained control over the level of anonymity associated with any particular signature. This paper has two main areas of focus. First, we examine previous definitions of security for ring signature schemes and suggest that most of these prior definitions are too weak, in the sense that they do not take into account certain realistic attacks. We propose new definitions of anonymity and unforgeability which address these threats, and give separation results proving that our new notions are strictly stronger than previous ones. Second, we show the first constructions of ring signature schemes in the standard model. One scheme is based on generic assumptions and satisfies our strongest definitions of security. Two additional schemes are more efficient, but achieve weaker security guarantees and more limited functionality.
A suite of non-pairing ID-based threshold ring signature schemes with different levels of anonymity (extended abstract)
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 2010
Since the introduction of Identity-based (ID-based) cryptography by Shamir in 1984, numerous ID-based signature schemes have been proposed. In 2001, Rivest et al. introduced ring signature that provides irrevocable signer anonymity and spontaneous group formation. In recent years, ID-based ring signature schemes have been proposed and almost all of them are based on bilinear pairings. In this paper, we propose the first ID-based threshold ring signature scheme that is not based on bilinear pairings. We also propose the first ID-based threshold 'linkable' ring signature scheme. We emphasize that the anonymity of the actual signers is maintained even against the private key generator (PKG) of the ID-based system. Finally we show how to add identity escrow to the two schemes. Due to the different levels of signer anonymity they support, the schemes proposed in this paper actually form a suite of ID-based threshold ring signature schemes which is applicable to many real-world applications with varied anonymity requirements.
A Review Of Ring Signature Schemes For Authentic And Anonymous Data Sharing
Data sharing becoming more and more challenging today there are number of environment like data authenticity, anonymity, availability, access control and efficiency. The concept of ring signature seems promising for data sharing system. A ring signature is a simplified group signature without any manager. It protects the anonymity of the signature producer. In this paper we review the state of the art of ring signature schemes in the literature and investigated their relationship with other existing schemes to improve ring signature like blind signature, threshold signature, identity-based (ID-based) ring signature and other to improve the security.
Group Signatures from Lattices: Simpler, Tighter, Shorter, Ring-Based
Lecture Notes in Computer Science, 2015
We introduce a lattice-based group signature scheme that provides several noticeable improvements over the contemporary ones: simpler construction, weaker hardness assumptions, and shorter sizes of keys and signatures. Moreover, our scheme can be transformed into the ring setting, resulting in a scheme based on ideal lattices, in which the public key and signature both have bit-size O(n • log N), for security parameter n, and for group of N users. Towards our goal, we construct a new lattice-based cryptographic tool: a statistical zero-knowledge argument of knowledge of a valid message-signature pair for Boyen's signature scheme (Boyen, PKC'10), which potentially can be used as the building block to design various privacy-enhancing cryptographic constructions.
Loading Preview
Sorry, preview is currently unavailable. You can download the paper by clicking the button above.