TY - GEN
T1 - Two-party (blind) ring signatures and their applications
AU - Au, Man Ho Allen
AU - Susilo, Willy
PY - 2014/1/1
Y1 - 2014/1/1
N2 - Ring signatures, introduced by Rivest, Shamir and Tauman, attest the fact that one member from a ring of signers has endorsed the message but no one can identify who from the ring is actually responsible for its generation. It was designed canonically for secret leaking. Since then, various applications have been discovered. For instance, it is a building block of optimistic fair exchange, destinated verifier signatures and ad-hoc key exchange. Interestingly, many of these applications require the signer to create a ring signature on behalf of two possible signers (a two-party ring signature) only. An efficient two-party ring signature scheme due to Bender, Katz, and Morselli, is known. Unfortunately, it cannot be used in many of the aforementioned applications since it is secure only in a weaker model. In this paper, we revisit their construction and proposed a scheme that is secure in the strongest sense. In addition, we extend the construction to a two-party blind ring signature. Our proposals are secure in the standard model under well-known number-theoretic assumptions. Finally, we discuss the applications of our construction, which include designated verifier signatures, optimistic fair exchange and fair outsourcing of computational task.
AB - Ring signatures, introduced by Rivest, Shamir and Tauman, attest the fact that one member from a ring of signers has endorsed the message but no one can identify who from the ring is actually responsible for its generation. It was designed canonically for secret leaking. Since then, various applications have been discovered. For instance, it is a building block of optimistic fair exchange, destinated verifier signatures and ad-hoc key exchange. Interestingly, many of these applications require the signer to create a ring signature on behalf of two possible signers (a two-party ring signature) only. An efficient two-party ring signature scheme due to Bender, Katz, and Morselli, is known. Unfortunately, it cannot be used in many of the aforementioned applications since it is secure only in a weaker model. In this paper, we revisit their construction and proposed a scheme that is secure in the strongest sense. In addition, we extend the construction to a two-party blind ring signature. Our proposals are secure in the standard model under well-known number-theoretic assumptions. Finally, we discuss the applications of our construction, which include designated verifier signatures, optimistic fair exchange and fair outsourcing of computational task.
UR - http://www.scopus.com/inward/record.url?scp=84901684457&partnerID=8YFLogxK
U2 - 10.1007/978-3-319-06320-1_30
DO - 10.1007/978-3-319-06320-1_30
M3 - Conference article published in proceeding or book
SN - 9783319063195
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 403
EP - 417
BT - Information Security Practice and Experience - 10th International Conference, ISPEC 2014, Proceedings
PB - Springer Verlag
T2 - 10th International Conference on Information Security Practice and Experience, ISPEC 2014
Y2 - 5 May 2014 through 8 May 2014
ER -