Paper 2003/067

Forking Lemmas in the Ring Signatures' Scenario

Javier Herranz and Germán Sáez


Pointcheval and Stern introduced in 1996 some forking lemmas useful to prove the security of a family of digital signature schemes. This family includes, for example, Schnorr's scheme and a modification of ElGamal signature scheme. In this work we generalize these forking lemmas to the ring signatures' scenario. In a ring signature scheme, a signer in a subset (or {\it ring}) of potential signers produces a signature of a message in such a way that the receiver can verify that the signature comes from a member of the ring, but cannot know which member has actually signed. We propose a new ring signature scheme, based on Schnorr signature scheme, which provides unconditional anonymity. We use the generalized forking lemmas to prove that this scheme is existentially unforgeable under adaptive chosen-message attacks, in the random oracle model.

Available format(s)
Public-key cryptography
Publication info
Published elsewhere. Unknown where it was published
ring signature schemesrandom oracle model
Contact author(s)
jherranz @ mat upc es
2003-04-11: received
Short URL
Creative Commons Attribution


      author = {Javier Herranz and Germán Sáez},
      title = {Forking Lemmas in the Ring Signatures' Scenario},
      howpublished = {Cryptology ePrint Archive, Paper 2003/067},
      year = {2003},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.