Abstract
Linkable ring signatures is a useful cryptographic tool for constructing applications such as ones relative to electronic voting (e-voting), digital cashes (e-cashes) as well as cloud computing. Equipped with linkable ring signatures, e-voting, e-cash systems can simultaneously enjoy the privacy and the unreusability properties thanks to the anonymity and the linkability of linkable ring signatures. Likewise, cloud servers can enjoy a privacy-preserving ability, a flexible access control and an efficient security management with linkable ring signatures. Moreover, linkable ring signatures built in the identity-based setting would help to remove the expense of using the conventional public key infrastructure and also could be applied to the user management. This primitive hence would be suitable for huge-scale applications. In this paper, we present the first identity-based linkable ring signatures (IdLRS) in both integer lattice and ideal lattice setting. The proposed IdLRS is proved secure in the random oracle model and based on the hardness of the short integer solution and ring short integer solution assumption. We also implement the proposed idLRS as a proof of concept and then do some experiments to evaluate the running times and the sizes.
Highlights
Our identity-based linkable ring signatures (IdLRS) ensures that two messages are linked if they are produced by the same real signer in the same event
In order to state the security models for an IdLRS scheme, we summarise two kinds of queries that an adversary A can make in the corresponding games and the way the challenger adaptive chosen-identity and chosen-massage attacks if, for any polynomial-time adversary A, the probability that A wins GAME II below is negligible
Nonslanderability of an IDLRS ensures that any adversary without having the private key of the real signer in the ring cannot produce any new signatures that are linkable to the previous ones
Summary
In 2013, Au et al [4] proposed a new ID-based event-oriented linkable ring signature scheme and prove the security of our scheme in the random oracle model, using the Discrete Logarithm (DL), the Decisional Diffie–Hellman (DDH) and q-Strong Diffie–Hellman (q-SDH) assumptions. Our IdLRS ensures that two messages are linked if they are produced by the same real signer in the same event To this ends, we use a secure hash function H3 to transform an event identity event into a matrix K and compute E = KSs, where Ss is the private key of the real signer in the ring.
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
