Skip to main content

Practical Constant-Size Ring Signature


Bitcoin has gained its popularity for almost 10 years as a “secure and anonymous digital currency”. However, according to several recent researches, we know that it can only provide pseudonymity rather than real anonymity, and privacy has been one of the main concerns in the system similar to Bitcoin. Ring signature is a good method for those users who need better anonymity in cryptocurrency. It was first proposed by Rivest et al. based upon the discrete logarithm problem (DLP) assumption in 2006, which allows a user to sign a message anonymously on behalf of a group of users even without their coordination. The size of ring signature is one of the dominating parameters, and constant-size ring signature (where signature size is independent of the ring size) is much desirable. Otherwise, when the ring size is large, the resultant ring signature becomes unbearable for power limited devices or leads to heavy burden over the communication network. Though being extensively studied, currently there are only two approaches for constant-size ring signature. Achieving practical constant-size ring signature is a long-standing open problem since its introduction. In this work, we solve this open question. We present a new constant-size ring signature scheme based on bilinear pairing and accumulator, which is provably secure under the random oracle (RO) model. To the best of our knowledge, it stands for the most practical ring signature up to now.

This is a preview of subscription content, access via your institution.


  1. Satoshi N. Bitcoin: A peer-to-peer electronic cash system. 2008., Mar. 2018.

  2. Möser M. Anonymity of bitcoin transactions. In Proc. Münster Bitcoin Conf., July 2013, pp.17-18.

  3. Ron D, Shamir A. Quantitative analysis of the full bitcoin transaction graph. In Proc. the 17th Int. Conf. Financial Cryptography and Data Security, April 2013, pp.6-24.

  4. Androulaki E, Karame G O, Roeschlin M, Scherer T, Capkun S. Evaluating user privacy in bitcoin. In Proc. the 17th Int. Conf. Financial Cryptography and Data Security, April 2013, pp.34-51.

  5. Rivest R L, Shamir A, Tauman Y. How to leak a secret: Theory and applications of ring signatures. In Theoretical Computer Science, Goldreich O, Rosenberg A L, Selman A L (eds.), Springer, 2006, pp.164-186.

  6. Chaum D, van Heyst E. Group signatures. In Proc. Workshop on the Theory and Appl. Cryptographic Techniques, April 1991, pp.257-265.

  7. van Saberhagen N. Cryptonote v 2.0, 2013., March 2018.

  8. Noether S, Mackenzie A, The Monero Research Lab. Ring confidential transactions. Ledger, 2016, 1: 1-18.

    Article  Google Scholar 

  9. Jakobsson M, Sako K, Impagliazzo R. Designated verifier proofs and their applications. In Proc. Int. Conf. Theory and Appl. Cryptographic Techniques, May 1996, pp.143-154.

  10. Chow S S M, Liu J K, Wong D S. Robust receipt-free election system with ballot secrecy and verifiability. In Proc. Network and Distributed System Security Symp., Feb. 2008.

  11. Dodis Y, Kiayias A, Nicolosi A, Shoup V. Anonymous identification in ad hoc groups. In Proc. Int. Conf. Theory and Appl. Cryptographic Techniques, May 2004, pp.609-626.

  12. Naor M. Deniable ring authentication. In Proc. the 22nd Annu. Int. Cryptology Conf., August 2002, pp.481-498.

  13. Abe M, Ohkubo M, Suzuki K. 1-out-of-n signatures from a variety of keys. In Proc. the 8th Int. Conf. Theory and Appl. Cryptology and Information Security, December 2002, pp.415-432.

  14. Liu J K, Wei V K, Wong D S. Linkable spontaneous anonymous group signature for ad hoc groups. In Proc. the 9th Australasian Conf. Information Security and Privacy, July 2004, pp.325-335.

  15. Boneh D, Gentry C, Lynn B, Shacham H. Aggregate and verifiably encrypted signatures from bilinear maps. In Proc. Int. Conf. Theory and Appl. Cryptographic Techniques, May 2003, pp.416-432.

  16. Bender A, Katz J, Morselli R. Ring signatures: Stronger definitions, and constructions without random oracles. In Proc. the 3rd Theory of Cryptography Conf., March 2006, pp.60-79.

  17. Chandran N, Groth J, Sahai A. Ring signatures of sublinear size without random oracles. In Proc. the 34th Int. Colloquium on Automata Languages and Programming, July 2007, pp.423-434.

  18. Yuen T H, Liu J K, Au M H, Susilo W, Zhou J Y. Efficient linkable and/or threshold ring signature without random oracles. The Computer Journal, 2013, 56(4): 407-421.

    Article  Google Scholar 

  19. Ghadafi E M. Sub-linear blind ring signatures without random oracles. In Proc. the 14th IMA Int. Conf. Cryptography and Coding, December 2013, pp.304-323.

  20. Fuchsbauer G. Automorphic signatures in bilinear groups and an application to round-optimal blind signatures. IACR Cryptology ePrint Archive Report 2009/320, 2009., Mar. 2018.

  21. Bose P, Das D, Rangan C P. Constant size ring signature without random oracle. In Proc. the 20th Australasian Conf. Information Security and Privacy, July 2015, pp.230-247.

  22. Galbraith S D, Paterson K G, Smart N P. Pairings for cryptographers. Discrete Applied Mathematics, 2008, 156(16): 3113-3121.

    MathSciNet  Article  MATH  Google Scholar 

  23. Nguyen L. Accumulators from bilinear pairings and applications. In Proc. Cryptographers’ Track at the RSA Conference, February 2005, pp.275-292.

  24. Ben-Sasson E, Chiesa A, Garman C, Green M, Miers I, Tromer E, Virza M. Zerocash: Decentralized anonymous payments from bitcoin. In Proc. IEEE Symp. Security and Privacy (SP), May 2014, pp.459-474.

  25. Bellare M, Neven G. Multi-signatures in the plain public-key model and a general forking lemma. In Proc. the 13th ACM Conf. Computer and Communications Security, October 30-November 3, 2006, pp.390-399.

  26. Goldwasser S, Micali S, Rackoff C. The knowledge complexity of interactive proof systems. SIAM Journal on Computing, 1989, 18(1): 186-208.

    MathSciNet  Article  MATH  Google Scholar 

  27. Bleichenbacher D, Maurer U. On the efficiency of onetime digital signatures. In Proc. Int. Conf. Theory and Appl. Cryptology and Information Security, November 1996, pp.145-158.

  28. Perrig A. The BiBa one-time signature and broadcast authentication protocol. In Proc. the 8th ACM Conf. Computer and Communications Security, November 2001, pp.28-37.

Download references

Author information

Authors and Affiliations


Corresponding author

Correspondence to Yun-Lei Zhao.

Electronic supplementary material

Below is the link to the electronic supplementary material.


(PDF 273 kb)

Rights and permissions

Reprints and Permissions

About this article

Verify currency and authenticity via CrossMark

Cite this article

Qin, MJ., Zhao, YL. & Ma, ZJ. Practical Constant-Size Ring Signature. J. Comput. Sci. Technol. 33, 533–541 (2018).

Download citation

  • Received:

  • Revised:

  • Published:

  • Issue Date:

  • DOI:


  • ring signature
  • constant size
  • bilinear pairing
  • accumulator