Abstract

Ring signature is a kind of digital signature which can protect the identity of the signer. Certificateless public key cryptography not only overcomes key escrow problem but also does not lose some advantages of identity-based cryptography. Certificateless ring signature integrates ring signature with certificateless public key cryptography. In this paper, we propose an efficient certificateless ring signature; it has only three bilinear pairing operations in the verify algorithm. The scheme is proved to be unforgeable in the random oracle model.

Highlights

  • In the traditional cryptography, the communicating parties distribute a private key by sending the key in advance over some secure channels

  • In 1976, Diffie and Hellman [1] first introduced the concept of public key cryptography (PKC) and proposed some techniques to solve this longstanding problem in traditional cryptography

  • According to the forking lemma, if the attacker AII can succeed in making a valid ring signature with a probability ε, the advantage of challenger C solving an instance of co-computational Diffie-Hellman (CDH) problem in the game 2 is at least ε2/66CqnH3 ⋅ 1/qU

Read more

Summary

Introduction

The communicating parties distribute a private key by sending the key in advance over some secure channels. In 1976, Diffie and Hellman [1] first introduced the concept of public key cryptography (PKC) and proposed some techniques to solve this longstanding problem in traditional cryptography. In order to solve this problem, Shamir [2] proposed an identity-based cryptography scheme based on public key cryptography (ID-PKC) in 1995. In a ring signature based on PKC, the verifier must check the validity of certificates of some group members, which will make the signature scheme inefficient since the computational cost will increase with the group size. The ring signature based on ID-PKC has the key escrow problem. To the best of our knowledge, the most efficient certificateless ring signature scheme based on bilinear pairings requires at least four bilinear maps.

Preliminaries
Formal Definition and Security Model
Our Scheme
Unforgeability against Type I Adversary
Unforgeability against Type II Adversary
Unconditional Anonymity
Comparison
Conclusion
Full Text
Published version (Free)

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call