IEICE TRANSACTIONS on Fundamentals
On the Definitions of Anonymity for Ring Signatures
Summary :
This paper studies the relations among several definitions of anonymity for ring signature schemes in the same attack environment. It is shown that one intuitive and two technical definitions we consider are asymptotically equivalent, and the indistinguishability-based technical definition is the strongest, i.e., the most secure when achieved, when the exact reduction cost is taken into account. We then extend our result to the threshold case where a subset of members cooperate to create a signature. The threshold setting makes the notion of anonymity more complex and yields a greater variety of definitions. We explore several notions and observe certain relation does not seem hold unlike the simple single-signer case. Nevertheless, we see that an indistinguishability-based definition is the most favorable in the threshold case. We also study the notion of linkability and present a simple scheme that achieves both anonymity and linkability.
- Publication
- IEICE TRANSACTIONS on Fundamentals Vol.E91-A No.1 pp.272-282
- Publication Date
- 2008/01/01
- Publicized
- Online ISSN
- 1745-1337
- DOI
- 10.1093/ietfec/e91-a.1.272
- Type of Manuscript
- Special Section PAPER (Special Section on Cryptography and Information Security)
- Category
- Security Notions
Authors
Keyword
Latest Issue
Copyrights notice of machine-translated contents
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
Cite this
Copy
Miyako OHKUBO, Masayuki ABE, "On the Definitions of Anonymity for Ring Signatures" in IEICE TRANSACTIONS on Fundamentals,
vol. E91-A, no. 1, pp. 272-282, January 2008, doi: 10.1093/ietfec/e91-a.1.272.
Abstract: This paper studies the relations among several definitions of anonymity for ring signature schemes in the same attack environment. It is shown that one intuitive and two technical definitions we consider are asymptotically equivalent, and the indistinguishability-based technical definition is the strongest, i.e., the most secure when achieved, when the exact reduction cost is taken into account. We then extend our result to the threshold case where a subset of members cooperate to create a signature. The threshold setting makes the notion of anonymity more complex and yields a greater variety of definitions. We explore several notions and observe certain relation does not seem hold unlike the simple single-signer case. Nevertheless, we see that an indistinguishability-based definition is the most favorable in the threshold case. We also study the notion of linkability and present a simple scheme that achieves both anonymity and linkability.
URL: https://global.ieice.org/en_transactions/fundamentals/10.1093/ietfec/e91-a.1.272/_p
Copy
@ARTICLE{e91-a_1_272,
author={Miyako OHKUBO, Masayuki ABE, },
journal={IEICE TRANSACTIONS on Fundamentals},
title={On the Definitions of Anonymity for Ring Signatures},
year={2008},
volume={E91-A},
number={1},
pages={272-282},
abstract={This paper studies the relations among several definitions of anonymity for ring signature schemes in the same attack environment. It is shown that one intuitive and two technical definitions we consider are asymptotically equivalent, and the indistinguishability-based technical definition is the strongest, i.e., the most secure when achieved, when the exact reduction cost is taken into account. We then extend our result to the threshold case where a subset of members cooperate to create a signature. The threshold setting makes the notion of anonymity more complex and yields a greater variety of definitions. We explore several notions and observe certain relation does not seem hold unlike the simple single-signer case. Nevertheless, we see that an indistinguishability-based definition is the most favorable in the threshold case. We also study the notion of linkability and present a simple scheme that achieves both anonymity and linkability.},
keywords={},
doi={10.1093/ietfec/e91-a.1.272},
ISSN={1745-1337},
month={January},}
Copy
TY - JOUR
TI - On the Definitions of Anonymity for Ring Signatures
T2 - IEICE TRANSACTIONS on Fundamentals
SP - 272
EP - 282
AU - Miyako OHKUBO
AU - Masayuki ABE
PY - 2008
DO - 10.1093/ietfec/e91-a.1.272
JO - IEICE TRANSACTIONS on Fundamentals
SN - 1745-1337
VL - E91-A
IS - 1
JA - IEICE TRANSACTIONS on Fundamentals
Y1 - January 2008
AB - This paper studies the relations among several definitions of anonymity for ring signature schemes in the same attack environment. It is shown that one intuitive and two technical definitions we consider are asymptotically equivalent, and the indistinguishability-based technical definition is the strongest, i.e., the most secure when achieved, when the exact reduction cost is taken into account. We then extend our result to the threshold case where a subset of members cooperate to create a signature. The threshold setting makes the notion of anonymity more complex and yields a greater variety of definitions. We explore several notions and observe certain relation does not seem hold unlike the simple single-signer case. Nevertheless, we see that an indistinguishability-based definition is the most favorable in the threshold case. We also study the notion of linkability and present a simple scheme that achieves both anonymity and linkability.
ER -
English
