Threshold Ring Signatures and Applications to Ad-hoc Groups

  • Emmanuel Bresson
  • Jacques Stern
  • Michael Szydlo
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2442)


In this paper, we investigate the recent paradigm for group signatures proposed by Rivest et al. at Asiacrypt ’01.We first improve on their ring signature paradigm by showing that it holds under a strictly weaker assumption, namely the random oracle model rather than the ideal cipher. Then we provide extensions to make ring signatures suitable in practical situations, such as threshold schemes or ad-hoc groups. Finally we propose an efficient scheme for threshold scenarios based on a combinatorial method and provably secure in the random oracle model.


Hash Function Signature Scheme Ring Signature Random Oracle Model Group Signature Scheme 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    N. Alon, R. Yuster and U. Zwick. Color Coding. J. of ACM, (42):844–856.Google Scholar
  2. 2.
    N. Asokan and P. Ginzboorg. Key Agreement in Ad-hoc Networks. Expanded version of a talk given at the Nordsec’ 99 Workshop.Google Scholar
  3. 3.
    G. Ateniese, J. Camenisch, M. Joye, G. Tsudik. A practical and provably secure coalition-resistant group signature scheme. In Crypto’ 00, LNCS 1880, pp. 255–270.Google Scholar
  4. 4.
    O. Baudron, P.-A. Fouque, D. Pointcheval, G. Poupard, and J. Stern. Practical multi-candidate election system. In PODC’ 01. ACM, 2001.Google Scholar
  5. 5.
    M. Bellare, D. Pointcheval, and P. Rogaway. Authenticated key exchange secure against dictionary attacks. In Eurocrypt’ 00, LNCS 1807, pp. 139–155.Google Scholar
  6. 6.
    S. Brands. Untraceable o.-line cash in wallets with observers. In Crypto’ 93, LNCS 773, pp. 302–318.Google Scholar
  7. 7.
    E. Bresson, J. Stern and M. Szydlo. Threshold Ring Signatures for Ad-Hoc Groups. Full version of this paper,
  8. 8.
    J. Camenish and M. Michels. Separability and efficiency for generic group signature schemes. In Crypto’ 99, LNCS 1666, pp. 106–121.Google Scholar
  9. 9.
    J. Camenish and M. Stadler. Efficient group signatures schemes for large groups. In Crypto’ 97, LNCS 1294, pp. 410–424.Google Scholar
  10. 10.
    D. Chaum and T. Pedersen. Wallet databases with observers. In Crypto’ 92, LNCS 740, pp. 89–105.Google Scholar
  11. 11.
    D. Chaum, E. van Heyst. Group signatures. Eurocrypt’ 91, LNCS 547, pp. 257–265.Google Scholar
  12. 12.
    L. Chen and T. Pedersen. New group signature schemes. In Eurocrypt’ 94, LNCS 950, pp. 171–181.CrossRefGoogle Scholar
  13. 13.
    R. Cramer, I. Damg°ard, B. Schoenmakers. Proofs of partial knowledge and simplified design of witness hiding protocols. In Crypto’ 94, LNCS 839, pp. 174–187.Google Scholar
  14. 14.
    R. Cramer, M. Franklin, B. Schoenmakers, and M. Yung. Multi-authority secretballot elections with linear work. In Eurocrypt’ 96, LNCS 1070, pp. 72–83.Google Scholar
  15. 15.
    A. De Santis, G. Di Crescenzo, G. Persiano, and M. Yung. On monotone formula closure of SZK. In FOCS’ 94, pp. 454–465.Google Scholar
  16. 16.
    T. ElGamal. A public key cryptosystem and a signature scheme based on discrete logarithms. In Crypto’ 84, LNCS 196, pp. 10–18.Google Scholar
  17. 17.
    D. Goldschlag and S. Stubblebine. Publicly verifiable lotteries: Applications of delaying functions. In Financial Crypto’ 98, LNCS 1465, pp. 214–226.CrossRefGoogle Scholar
  18. 18.
    Z. Haas and L. Zhou Securing Ad-Hoc Networks. In IEEE Networks, 13(6), 1999.Google Scholar
  19. 19.
    S. Kim, S. Park, and D. Won. Convertible group signatures. In Asiacrypt’ 96, LNCS 1163, pp. 311–321.Google Scholar
  20. 20.
    S. Kim, S. Park, and D. Won. Group signatures for hierarchical multigroups. In ISW’ 97, LNCS 1396, pp. 273–281.Google Scholar
  21. 21.
    E. Kushilevitz and T. Rabin. Fair e-lotteries and e-casinos. In RSA Conference 2001, LNCS 2020, pp. 100–109.Google Scholar
  22. 22.
    C. Perkins. Ad-hoc networking. Addison Wesley, 2001.Google Scholar
  23. 23.
    H. Petersen. How to convert any digital signature scheme into a group signature scheme. In Security Protocols’ 97, LNCS 1361, pp. 67–78.CrossRefGoogle Scholar
  24. 24.
    D. Pointcheval and J. Stern. Security arguments for digital signatures and blind signatures. J. of Cryptology, 13(3):361–396, Aug. 2000.zbMATHCrossRefGoogle Scholar
  25. 25.
    R. Rivest, A. Shamir, and Y. Tauman. How to leak a secret. In Asiacrypt’ 01, LNCS 2248, pp. 552–565.Google Scholar
  26. 26.
    R. Rivest, A. Shamir, Y. Tauman. How to leak a secret. Private Com., Oct. 2001.Google Scholar
  27. 27.
    R. Rivest, A. Shamir, and L. Adleman. A method for obtaining digital signatures and public-key cryptosystems. Com. of the ACM, 21(2):120–126, Feb. 1978.zbMATHCrossRefMathSciNetGoogle Scholar
  28. 28.
    A. Shamir. How to share a secret. In Com. of the ACM, 22(11):612–613, 1979.zbMATHCrossRefMathSciNetGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2002

Authors and Affiliations

  • Emmanuel Bresson
    • 1
  • Jacques Stern
    • 1
  • Michael Szydlo
    • 2
  1. 1.Dépt d’informatiqueÉcole normale supérieureParis Cedex 05France
  2. 2.RSA LaboratoriesBedfordUSA

Personalised recommendations