Cryptology ePrint Archive: Report 2019/654

Concise Linkable Ring Signatures and Forgery Against Adversarial Keys

Brandon Goodell and Sarang Noether and RandomRun

Abstract: We demonstrate that a version of non-slanderability is a natural definition of unforgeability for linkable ring signatures. We present a linkable ring signature construction with concise signatures and multi-dimensional keys that is linkably anonymous if a variation of the decisional Diffie-Hellman problem with random oracles is hard, linkable if key aggregation is a one-way function, and non-slanderable if a one-more variation of the discrete logarithm problem is hard. We remark on some applications in signer-ambiguous confidential transaction models without trusted setup.

Category / Keywords: applications / ring signatures, digital signatures

Date: received 3 Jun 2019, last revised 30 Mar 2020

Contact author: surae at getmonero org, sarang at getmonero org, randomrun at protonmail com

Available format(s): PDF | BibTeX Citation

Note: Updated security model, with extensive revisions.

Version: 20200330:160235 (All versions of this report)

Short URL: ia.cr/2019/654


[ Cryptology ePrint archive ]