Portal de Periódicos da CAPES

Toward the Fair Anonymous Signatures: Deniable Ring Signatures

2007; Institute of Electronics, Information and Communication Engineers; Volume: E90-A; Issue: 1 Linguagem: Inglês

10.1093/ietfec/e90-a.1.54

1745-1337

Yuichi Komano, Kazuo Ohta, Atsushi Shimbo, S. Kawamura,

Complexity and Algorithms in Graphs

Ring signature scheme enables a signer to sign a message anonymously. In the ring signature scheme, the signer who wants to sign a document anonymously first chooses some public keys of entities (signers) and then generates a signature which ensures that one of the signer or entities signs the document. In some situations, however, the ring signature scheme allows the signer to shift the blame to victims because of the anonymity. The group signature scheme may be a solution for the problem; however, it needs an electronic big brother, called a group manager, who can violate the signer anonymity by himself, and a complicated key setting. This paper introduces a new notion of a signature scheme with signer anonymity, a deniable ring signature scheme ( ), in which no group manager exists, and the signer should be involved in opening the signer anonymity. We also propose a concrete scheme proven to be secure under the assumption of the DDH (decision Diffie Hellman) problem in the random oracle model.