Paper 2004/190

Distributed Ring Signatures for Identity-Based Scenarios

Javier Herranz and Germán Sáez


In a ring signature scheme, a signer in a subset (or {\it ring}) of potential signers produces a signature of a message in such a way that the receiver can verify that the signature comes from a member of the ring, but cannot know which member has actually signed. In this work, we extend this concept to that of distributed ring signatures, where a subset of users cooperate to compute a distributed anonymous signature on a message, on behalf of a family of subsets. We propose two schemes, one for general families of subsets, and a more efficient one for threshold families of subsets. The security of both proposals is formally proved, assuming the hardness of the Computational Diffie-Hellman problem. Our two schemes run in an identity-based scenario, where public keys of the users can be derived from their identities. This fact avoids the necessity of digital certificates, and therefore allows more efficient implementations of such systems.

Available format(s)
Cryptographic protocols
Publication info
Published elsewhere. Unknown where it was published
Identity-based cryptographyRing signaturesProvable
Contact author(s)
jherranz @ mat upc es
2004-08-07: received
Short URL
Creative Commons Attribution


      author = {Javier Herranz and Germán Sáez},
      title = {Distributed Ring Signatures for Identity-Based Scenarios},
      howpublished = {Cryptology ePrint Archive, Paper 2004/190},
      year = {2004},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.