International Association for Cryptologic Research

International Association
for Cryptologic Research


Shorter Ring Signatures from Standard Assumptions

Alonso González
DOI: 10.1007/978-3-030-17253-4_4
Search ePrint
Search Google
Conference: PKC 2019
Abstract: Ring signatures, introduced by Rivest, Shamir and Tauman (ASIACRYPT 2001), allow to sign a message on behalf of a set of users while guaranteeing authenticity and anonymity. Groth and Kohlweiss (EUROCRYPT 2015) and Libert et al. (EUROCRYPT 2016) constructed schemes with signatures of size logarithmic in the number of users. An even shorter ring signature, of size independent from the number of users, was recently proposed by Malavolta and Schröder (ASIACRYPT 2017). However, all these short signatures are obtained relying on strong and controversial assumptions. Namely, the former schemes are both proven secure in the random oracle model while the later requires non-falsifiable assumptions.The most efficient construction under mild assumptions remains the construction of Chandran et al. (ICALP 2007) with a signature of size $$\varTheta (\sqrt{n})$$, where n is the number of users, and security is based on the Diffie-Hellman assumption in bilinear groups (the SXDH assumption in asymmetric bilinear groups).In this work we construct an asymptotically shorter ring signature from the hardness of the Diffie-Hellman assumption in bilinear groups. Each signature comprises $$\varTheta (\root 3 \of {n})$$ group elements, signing a message requires computing $$\varTheta (\root 3 \of {n})$$ exponentiations, and verifying a signature requires $$\varTheta (n^{2/3})$$ pairing operations. To the best of our knowledge, this is the first ring signature based on bilinear groups with $$o(\sqrt{n})$$ signatures and sublinear verification complexity.
  title={Shorter Ring Signatures from Standard Assumptions},
  booktitle={Public-Key Cryptography – PKC 2019},
  series={Lecture Notes in Computer Science},
  author={Alonso González},