Abstract
In cryptography, a ring signature is anonymous as it hides the signer’s identity among other users. When generating the signature, the users are arranged as a ring. Compared with group signatures, a ring signature scheme needs no group manager or special setup and supports flexibility of group choice. However, the anonymity provided by ring signatures can be used to conceal a malicious signer and put other ring members under suspicion. At the other extreme, it does not allow the actual signer to prove their identity and gain recognition for their actions. A deniable ring signature is designed to overcome these disadvantages. It can initially protect the signer, but if necessary, it enables other ring members to deny their involvement, and allows the real signer to prove who made the signed action. Many real-world applications can benefit from such signatures. Inspired by the requirement for them to remain viable in the post-quantum age, this work proposes a new non-interactive deniable ring signature scheme based on lattice assumptions. Our scheme is proved to be anonymous, traceable and non-frameable under quantum attacks.
Highlights
A digital signature allows a recipient to be confident about the source of information that they receive, but there is no anonymity, as the sender has to be identified
We describe a non-interactive deniable ring signature scheme, in which confirmation and disavowal is achieved by using another digital signature provided by the ring members associated with the given ring signature
Via Lemma 2, we show that due to the Lyubashevsky signature scheme [19] is unforgeable, if a given ring signature from our Non-interactive Deniable Ring Signature (NDRS) scheme can be accepted by running the Verify algorithm, it must be created by a “real-signer” under its private key corresponding to its ephemeral public key that must be one from the l-ring public keys σi for i ∈ {1, . . . , l}
Summary
A digital signature allows a recipient to be confident about the source of information that they receive, but there is no anonymity, as the sender has to be identified. Using a ring signature scheme can be open to abuse, where a malicious signer can use the anonymity to supply false information and put the other members of the ring under suspicion. If necessary, is the ability of any member of the ring to clarify their involvement in the signature used Such deniable signatures have many applications, for example:. – Online criminal detection and reward system The police rely on information from the public and, for serious crimes, often offer rewards for useful information This scheme allows an informant to initially provide information anonymously and once the criminal is safely behind bars, to claim their reward while preventing someone else fraudulently doing so. Instead the ring member provides evidence (a signature) that the verifier uses to check confirmation, or disavowal
Sign-in/Register to view highlights & summary Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
