Advertisement

On the Security Models of (Threshold) Ring Signature Schemes

  • Joseph K. Liu
  • Duncan S. Wong
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3506)

Abstract

We make fine-grained distinctions on the security models for provably secure ring signature schemes. Currently there are two commonly used security models which are specified by Rivest et al. [1] and Abe et al. [1]. They offer different levels of security. In this paper, we introduce a new but compatible model whose security level can be considered to be lying in between these two commonly used models. It is important to make fine-grained distinctions on the security models because some schemes may be secure in some of the models but not in the others. In particular, we show that the bilinear map based ring signature scheme of Boneh et al. [4], which have been proven secure in the weakest model (the one specified by Rivest et al. [15]), is actually insecure in stronger models (the new model specified by us in this paper and the one specified by Abe et al. [1]). We also propose a secure modification of their scheme for each of the two stronger models. In addition, we propose a threshold ring signature scheme using bilinear maps and show its security against adaptive adversaries in the strongest model defined in this paper. Throughout the paper, we carry out all of the security analyses under the random oracle assumption.

Keywords

Ring Signature Security Models Anonymity Bilinear Maps 
This is a preview of subscription content, log in to check access.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Abe, M., Ohkubo, M., Suzuki, K.: 1-out-of-n signatures from a variety of keys. In: Zheng, Y. (ed.) ASIACRYPT 2002. LNCS, vol. 2501, pp. 415–432. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  2. 2.
    Bellare, M., Micciancio, D., Warinschi, B.: Foundations of group signatures: Formal definitions, simplified requirements, and a construction based on general assumptions. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 614–629. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  3. 3.
    Bellare, M., Rogaway, P.: Random oracles are practical: A paradigm for designing efficient protocols. In: Proc. 1st ACM Conference on Computer and Communications Security, pp. 62–73. ACM Press, New York (1993)CrossRefGoogle Scholar
  4. 4.
    Boneh, D., Gentry, C., Lynn, B., Shacham, H.: Aggregate and verifiably encrypted signatures from bilinear maps. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 416–432. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  5. 5.
    Boneh, D., Lynn, B., Shacham, H.: Short signatures from the weil pairing. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 514–532. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  6. 6.
    Bresson, E., Stern, J., Szydlo, M.: Threshold ring signatures and applications to ad-hoc groups. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 465–480. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  7. 7.
    Camenisch, J., Stadler, M.: Efficient group signature schemes for large groups. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 410–424. Springer, Heidelberg (1997)Google Scholar
  8. 8.
    Chaum, D., Van Heyst, E.: Group signatures. In: Davies, D.W. (ed.) EUROCRYPT 1991. LNCS, vol. 547, pp. 257–265. Springer, Heidelberg (1991)Google Scholar
  9. 9.
    Cramer, R., Damgård, I., Schoenmakers, B.: Proofs of partial knowledge and simplified design of witness hiding protocols. In: Desmedt, Y.G. (ed.) CRYPTO 1994. LNCS, vol. 839, pp. 174–187. Springer, Heidelberg (1994)Google Scholar
  10. 10.
    Dodis, Y., Kiayias, A., Nicolosi, A., Shoup, V.: Anonymous identification in ad-hoc groups. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, Springer, Heidelberg (2004)Google Scholar
  11. 11.
    Goldwasser, S., Micali, S., Rivest, R.: A digital signature scheme secure against adaptive chosen-message attack. SIAM J. Computing 17(2), 281–308 (1988)zbMATHCrossRefMathSciNetGoogle Scholar
  12. 12.
    Liu, J.K., Wei, V.K., Wong, D.S.: Linkable and anonymous signature for ad hoc groups. In: Wang, H., Pieprzyk, J., Varadharajan, V. (eds.) ACISP 2004. LNCS, vol. 3108, pp. 325–335. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  13. 13.
    Liu, J.K., Wei, V.K., Wong, D.S.: A separable threshold ring signature scheme. In: Lim, J.-I., Lee, D.-H. (eds.) ICISC 2003. LNCS, vol. 2971, pp. 12–26. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  14. 14.
    Ohta, K., Okamoto, T.: On concrete security treatment of signatures derived from identification. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 354–369. Springer, Heidelberg (1998)Google Scholar
  15. 15.
    Rivest, R., Shamir, A., Tauman, Y.: How to leak a secret. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 552–565. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  16. 16.
    Wong, D., Fung, K., Liu, J., Wei, V.: On the RS-code construction of ring signature schemes and a threshold setting of RST. In: Qing, S., Gollmann, D., Zhou, J. (eds.) ICICS 2003. LNCS, vol. 2836, pp. 34–46. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  17. 17.
    Zhang, F., Kim, K.: ID-Based blind signature and ring signature from pairings. In: Zheng, Y. (ed.) ASIACRYPT 2002. LNCS, vol. 2501, pp. 533–547. Springer, Heidelberg (2002)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2005

Authors and Affiliations

  • Joseph K. Liu
    • 1
  • Duncan S. Wong
    • 2
  1. 1.Department of Information EngineeringThe Chinese University of Hong KongShatin, Hong Kong
  2. 2.Department of Computer ScienceCity University of Hong KongKowloon, Hong Kong

Personalised recommendations

Cite paper

Buy options