Secure ID-based linkable and revocable-iff-linked ring signature with constant-size construction

In this paper, we propose a new ID-based event-oriented linkable ring signature scheme, with an option as revocable-iff-linked. With this option, if a user generates two linkable ring signatures in the same event, everyone can compute his identity from these two signatures. We are the first in the literature to propose such a secure construction in ID-based setting. Even compared with other existing non ID-based schemes, we enjoy significant efficiency improvement, including constant signature size and linking complexity. Our scheme can be also regarded as a normal ID-based ring signature. We are also the first to propose such a scheme with constant signature size and enhanced privacy, namely the signer is anonymous even to the PKG who has the master secret key. We prove the security of our scheme in the random oracle model, using DL, DDL and q-SDH assumptions.