Short DL-based Blacklistable Ring Signatures from DualRing

IF 0.4 4区计算机科学 Q4 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Ieice Transactions on Fundamentals of Electronics Communications and Computer Sciences Pub Date : 2023-01-01 DOI:10.1587/transfun.2023tap0008

Toru NAKANISHI, Atsuki IRIBOSHI, Katsunobu IMAI

{"title":"Short DL-based Blacklistable Ring Signatures from DualRing","authors":"Toru NAKANISHI, Atsuki IRIBOSHI, Katsunobu IMAI","doi":"10.1587/transfun.2023tap0008","DOIUrl":null,"url":null,"abstract":"As one of privacy-enhancing authentications suitable for decentralized environments, ring signatures have intensively been researched. In ring signatures, each user can choose any ad-hoc set of users (specified by public keys) called a ring, and anonymously sign a message as one of the users. However, in applications of anonymous authentications, users may misbehave the service due to the anonymity, and thus a mechanism to exclude the anonymous misbehaving users is required. However, in the existing ring signature scheme, a trusted entity to open the identity of the user is needed, but it is not suitable for the decentralized environments. On the other hand, as another type of anonymous authentications, a decentralized blacklistable anonymous credential system is proposed, where anonymous misbehaving users can be detected and excluded by a blacklist. However, the DL-based instantiation needs O(N) proof size for the ring size N. In the research line of the DL-based ring signatures, an efficient scheme with O(log N) signature size, called DualRing, is proposed. In this paper, we propose a DL-based blacklistable ring signature scheme extended from DualRing, where in addition to the short O(log N) signature size for N, the blacklisting mechanism is realized to exclude misbehaving users. Since the blacklisting mechanism causes additional costs in our scheme, the signature size is O(log N + ℓ), where ℓ is the blacklist size.","PeriodicalId":55003,"journal":{"name":"Ieice Transactions on Fundamentals of Electronics Communications and Computer Sciences","volume":null,"pages":null},"PeriodicalIF":0.4000,"publicationDate":"2023-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Ieice Transactions on Fundamentals of Electronics Communications and Computer Sciences","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1587/transfun.2023tap0008","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE","Score":null,"Total":0}

引用次数: 0

Abstract

As one of privacy-enhancing authentications suitable for decentralized environments, ring signatures have intensively been researched. In ring signatures, each user can choose any ad-hoc set of users (specified by public keys) called a ring, and anonymously sign a message as one of the users. However, in applications of anonymous authentications, users may misbehave the service due to the anonymity, and thus a mechanism to exclude the anonymous misbehaving users is required. However, in the existing ring signature scheme, a trusted entity to open the identity of the user is needed, but it is not suitable for the decentralized environments. On the other hand, as another type of anonymous authentications, a decentralized blacklistable anonymous credential system is proposed, where anonymous misbehaving users can be detected and excluded by a blacklist. However, the DL-based instantiation needs O(N) proof size for the ring size N. In the research line of the DL-based ring signatures, an efficient scheme with O(log N) signature size, called DualRing, is proposed. In this paper, we propose a DL-based blacklistable ring signature scheme extended from DualRing, where in addition to the short O(log N) signature size for N, the blacklisting mechanism is realized to exclude misbehaving users. Since the blacklisting mechanism causes additional costs in our scheme, the signature size is O(log N + ℓ), where ℓ is the blacklist size.

查看原文本刊更多论文

来自DualRing的基于dl的黑名单环签名

环签名作为一种适用于去中心化环境的增强隐私的认证方式，已经得到了广泛的研究。在环签名中，每个用户可以选择任何称为环的特别用户集(由公钥指定)，并作为其中一个用户匿名签名消息。但是，在匿名认证的应用中，由于匿名性，用户可能会对服务进行不当行为，因此需要一种排除匿名行为不当用户的机制。然而，在现有的环签名方案中，需要一个可信实体来打开用户的身份，但不适合分散的环境。另一方面，作为另一种类型的匿名认证，提出了一种去中心化的黑名单匿名凭据系统，该系统可以通过黑名单检测和排除匿名行为不端的用户。然而，基于dl的实例化需要O(N)个证明大小的环大小N。在基于dl的环签名的研究路线上，提出了一个签名大小为O(log N)的有效方案，称为DualRing。在本文中，我们提出了一种基于dl的黑名单环签名方案，该方案在DualRing的基础上进行了扩展，除了对N的短签名大小为O(log N)外，还实现了黑名单机制以排除行为不端的用户。由于黑名单机制在我们的方案中会产生额外的成本，因此签名大小为O(log N + r)，其中r为黑名单大小。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Ieice Transactions on Fundamentals of Electronics Communications and Computer Sciences 工程技术-工程：电子与电气

CiteScore

1.10

自引率

20.00%

发文量

137

审稿时长

3.9 months

期刊介绍： Includes reports on research, developments, and examinations performed by the Society''s members for the specific fields shown in the category list such as detailed below, the contents of which may advance the development of science and industry: (1) Reports on new theories, experiments with new contents, or extensions of and supplements to conventional theories and experiments. (2) Reports on development of measurement technology and various applied technologies. (3) Reports on the planning, design, manufacture, testing, or operation of facilities, machinery, parts, materials, etc. (4) Presentation of new methods, suggestion of new angles, ideas, systematization, software, or any new facts regarding the above.