Zero-knowledge undeniable signatures (extended abstract)
EUROCRYPT '90 Proceedings of the workshop on the theory and application of cryptographic techniques on Advances in cryptology
One-way accumulators: a decentralized alternative to digital signatures
EUROCRYPT '93 Workshop on the theory and application of cryptographic techniques on Advances in cryptology
CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
Proofs of Partial Knowledge and Simplified Design of Witness Hiding Protocols
CRYPTO '94 Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology
ASIACRYPT '01 Proceedings of the 7th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
Multi-signatures in the plain public-Key model and a general forking lemma
Proceedings of the 13th ACM conference on Computer and communications security
EUROCRYPT'91 Proceedings of the 10th annual international conference on Theory and application of cryptographic techniques
PKC'07 Proceedings of the 10th international conference on Practice and theory in public-key cryptography
Toward the fair anonymous signatures: deniable ring signatures
CT-RSA'06 Proceedings of the 2006 The Cryptographers' Track at the RSA conference on Topics in Cryptology
IWSEC'06 Proceedings of the 1st international conference on Security
Efficient and random oracle-free conditionally anonymous ring signature
ProvSec'12 Proceedings of the 6th international conference on Provable Security
Hi-index | 0.00 |
A conditionally anonymous ring signature, first studied by Komano et al. (RSA06) (termed as a deniable ring signature), is a ring signature except that the anonymity is conditional. Specifically, it allows an entity to confirm/refute that he generated a signature. A group signature also has conditional anonymity since a group manager can revoke a signer's anonymity. However, the group in this case is fixed, unlike a ring signature where a group is ad hoc. In this paper, we construct a new conditionally anonymous ring signature. Our signing/verification algorithms are asymptotically most efficient, compared with all known schemes. Our confirmation/disavowal protocols are non-interactive with constant costs while the known schemes have a cost linear in either ring size n or security parameter s.