SM2-DualRing: Efficient SM2-based ring signature schemes with logarithmic size

Abstract

As an equivalent of a handwritten signature, digital signature can resist against information tampering and identity impersonation during digital communication, but it fails to meet the specific anonymity requirement in circumstances like voting, credit reporting, and whistle-blowing. Ring signature was introduced as a special digital signature to further achieve anonymity, and classical schemes constructed from single ring were faced with linearly increasing size. In CRYPTO 2021, Yuen et al. proposed a novel construction paradigm (namely, DualRing) for reaping logarithmic-sized ring signature. Existing DualRing-based ring signature schemes are based on its supported Type-T standard signature algorithms (Three-move type, e.g. Schnorr signature). In this paper, we are motivated to seek a SM2-based ring signature scheme upon the DualRing technology, among which the SM2 digital signature is widely adopted as an international standard but not with a Type-T architecture. Therefore, we first transform the SM2 digital signature into Type-T and integrate DualRing with the variant of the SM2 digital signature. After that, we prove the unforgeability and anonymity of our schemes, together with proposing optimized and linkable schemes. Finally, we put our schemes into practice to display their performance in communication and computation costs.