A digital signature scheme secure against adaptive chosen-message attacks
SIAM Journal on Computing - Special issue on cryptography
Random oracles are practical: a paradigm for designing efficient protocols
CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
The random oracle methodology, revisited (preliminary version)
STOC '98 Proceedings of the thirtieth annual ACM symposium on Theory of computing
Design and implementation of the idemix anonymous credential system
Proceedings of the 9th ACM conference on Computer and communications security
ASIACRYPT '01 Proceedings of the 7th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Proceedings of the 11th ACM conference on Computer and communications security
Ring signatures without random oracles
ASIACCS '06 Proceedings of the 2006 ACM Symposium on Information, computer and communications security
EUROCRYPT '07 Proceedings of the 26th annual international conference on Advances in Cryptology
Generic Transformation to Strongly Unforgeable Signatures
ACNS '07 Proceedings of the 5th international conference on Applied Cryptography and Network Security
The Random Oracle Model and the Ideal Cipher Model Are Equivalent
CRYPTO 2008 Proceedings of the 28th Annual conference on Cryptology: Advances in Cryptology
Programmable Hash Functions and Their Applications
CRYPTO 2008 Proceedings of the 28th Annual conference on Cryptology: Advances in Cryptology
Designated verifier proofs and their applications
EUROCRYPT'96 Proceedings of the 15th annual international conference on Theory and application of cryptographic techniques
EUROCRYPT'91 Proceedings of the 10th annual international conference on Theory and application of cryptographic techniques
Efficient ring signatures without random oracles
PKC'07 Proceedings of the 10th international conference on Practice and theory in public-key cryptography
A signature scheme with efficient protocols
SCN'02 Proceedings of the 3rd international conference on Security in communication networks
A secure signature scheme from bilinear maps
CT-RSA'03 Proceedings of the 2003 RSA conference on The cryptographers' track
Evaluating 2-DNF formulas on ciphertexts
TCC'05 Proceedings of the Second international conference on Theory of Cryptography
Efficient identity-based encryption without random oracles
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
SCN'06 Proceedings of the 5th international conference on Security and Cryptography for Networks
The security of triple encryption and a framework for code-based game-playing proofs
EUROCRYPT'06 Proceedings of the 24th annual international conference on The Theory and Applications of Cryptographic Techniques
Sequential aggregate signatures and multisignatures without random oracles
EUROCRYPT'06 Proceedings of the 24th annual international conference on The Theory and Applications of Cryptographic Techniques
Ring signatures of sub-linear size without random oracles
ICALP'07 Proceedings of the 34th international conference on Automata, Languages and Programming
Threshold ring signature without random oracles
Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
Forward secure ring signature without random oracles
ICICS'11 Proceedings of the 13th international conference on Information and communications security
Short signatures from weaker assumptions
ASIACRYPT'11 Proceedings of the 17th international conference on The Theory and Application of Cryptology and Information Security
| Hi-index | 0.00 |
In this work we present a new CDH-based ring signature scheme with some striking advantages. On the one hand it is secure without random oracles, perfectly anonymous, and unforgeable solely under the CDH assumption in bilinear groups. This makes the security of our ring signature schemes rely on weaker (and less) assumptions than all previous (full) ring signature schemes secure without random oracles. On the other hand the scheme is very space efficient; a public key consists of just a single group element and a ring signature accounts for only n+1 group elements, where n is the size of the ring. This is only about half the number of components when compared to other ring signature schemes that do not exploit ring re-use. As all computations are in groups of prime order, we do not need a trusted setup procedure. All these features do not come for free. The main drawback of our scheme is that it only provides security against chosen subring attacks where the attacker is not allowed to query private keys.