Abstract
Ring signature, introduced by Rivest et al. [Asiacrypt’01], allows a person to sign a document on behalf of an ad-hoc group (or ring) while hiding the identity of the actual signer. But the anonymity provided by the ring signature scheme can be used to conceal a malicious signer and put other ring members under suspicion. Fortunately, Park et al. [Crypto’19] proposed a repudiable ring signature scheme which can overcome this disadvantage. However, the construction of Park et al. [Crypto’19] is not compact, in other word, the size of signatures and repudiations in their scheme increases with the square of the ring size.In this paper, we propose the first logarithmic-size repudiable ring signature scheme, which means the size of signatures and repudiations grows only logarithmically in the ring size. Moreover, in terms of security model, we present a new requirement (repudiation-unforgeability), which requires ‘no one can forge a valid repudiation’. Our scheme is the first repudiable ring signature scheme satisfies this new requirement.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
