Cryptology ePrint Archive: Report 2004/281
Short Linkable Ring Signatures for E-Voting, E-Cash and Attestation
Patrick P. Tsang and Victor K. Wei
Abstract: A ring signature scheme can be viewed as a group signature scheme
with no anonymity revocation and with simple group setup. A
\emph{linkable} ring signature (LRS) scheme additionally allows
anyone to determine if two ring signatures have been signed by the
same group member. Recently, Dodis et al. \cite{DKNS04} gave a
short (constant-sized) ring signature scheme. We extend it to the
first short LRS scheme, and reduce its security to a new hardness
assumption, the Link Decisional RSA (LD-RSA) Assumption. We also
extend \cite{DKNS04}'s other schemes to a generic LRS scheme and a
generic linkable group signature scheme. We discuss three
applications of our schemes. Kiayias and Yung \cite{KY04}
constructed the first e-voting scheme which simultaneously
achieves efficient tallying, public verifiability, and write-in
capability for a typical voter distribution under which only a
small portion writes in. We construct an e-voting scheme based on
our short LRS scheme which achieves the same even for all
worst-case voter distribution. Direct Anonymous Attestation (DAA)
\cite{BCC04} is essentially a ring signature scheme with certain
linking properties that can be naturally implemented using LRS
schemes. The construction of an offline anonymous e-cash scheme
using LRS schemes is also discussed.
Category / Keywords: public-key cryptography / linkable ring signatures, e-voting, e-cash, attestation
Publication Info: An extended abstract of this paper was in ISPEC 2005.
Date: received 30 Oct 2004, last revised 14 Feb 2005
Contact author: pktsang3 at ie cuhk edu hk
Available format(s): Postscript (PS) | Compressed Postscript (PS.GZ) | PDF | BibTeX Citation
Version: 20050214:165025 (All versions of this report)
Short URL: ia.cr/2004/281
[ Cryptology ePrint archive ]