Ring signatures enable a user to sign messages on behalf of an arbitrary set of users, called the ring, without revealing exactly which member of that ring actually generated the signature. The signer-anonymity property makes ring signatures have been an active research topic. Recently, Park and Sealfon (CRYPTO 19) presented an important anonymity notion named signer-unclaimability and constructed a lattice-based ring signature scheme with unclaimable anonymity in the standard model, however, it did not consider the unforgeable w.r.t. adversarially-chosen-key attack (the public key ring of a signature may contain keys created by an adversary) and the signature size grows quadratically in the size of ring and message. In this work, we propose a new lattice-based ring signature scheme with unclaimable anonymity in the standard model. In particular, our work improves the security and efficiency of Park and Sealfons work, which is unforgeable w.r.t. adversarially-chosen-key attack, and the ring signature size grows linearly in the ring size.
翻译:最近,Park和Sealfon(CRYPTO 19)提出了一个重要的匿名概念,名为 " 签字人无名无姓 ",并在标准模型中以不可声名匿名的方式构建了一个基于花边环的签名计划,然而,它没有考虑到不可预见的对立选择键攻击(签字的公用钥匙环可能包含由对手制造的钥匙),而且签字的大小在戒指和电文的大小上以四边形增长。在这项工作中,我们提出了一个新的基于Lattice的环签字计划,在标准模型中以不可声名匿名方式出现。特别是,我们的工作提高了公园和Sealfons工作的安全和效率,这是无法预见的 w.r.t. 对抗性选择键攻击,而且环形签字的大小在环形尺寸上直线增长。