Paper 2004/377

New Distributed Ring Signatures for General Families of Signing Subsets

Javier Herranz and Germán Sáez


In a distributed ring signature scheme, a subset of users cooperate to compute a distributed anonymous signature on a message, on behalf of a family of possible signing subsets. The receiver can verify that the signature comes from a subset of the ring, but he cannot know which subset has actually signed. In this work we use the concept of dual access structures to construct a distributed ring signature scheme which works with general families of possible signing subsets. The length of each signature is linear on the number of involved users, which is desirable for some families with many possible signing subsets. The scheme achieves the desired properties of correctness, anonymity and unforgeability. The reduction in the proof of unforgeability is tighter than the reduction in the previous proposals which work with general families. We analyze the case in which our scheme runs in an identity-based scenario, where public keys of the users can be derived from their identities. This fact avoids the necessity of digital certificates, and therefore allows more efficient implementations of such systems. But our scheme can be extended to work in more general scenarios, where users can have different types of keys.

Available format(s)
Cryptographic protocols
Publication info
Published elsewhere. Unknown where it was published
distributed ring signaturesID-based cryptographydual access structures
Contact author(s)
jherranz @ ma4 upc es
2005-01-03: received
Short URL
Creative Commons Attribution


      author = {Javier Herranz and Germán Sáez},
      title = {New Distributed Ring Signatures for General Families of Signing Subsets},
      howpublished = {Cryptology ePrint Archive, Paper 2004/377},
      year = {2004},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.