Hwang and Cheng proposed the first strong designated-verifier ring signature scheme providing one-out-of-all signer anonymity to hide the actual signer’s identity. Their scheme also provides signer admission to admit who the actual signer is. However, the computation and communication costs caused by the signer admission are heavy because their scheme needs all ring members’ Schnorr promises. T...

A digraph is k-traceable if its order is at least k and each of its subdigraphs of order k is traceable. The Traceability Conjecture (TC) states that for k > 2 every k-traceable oriented graph of order at least 2k − 1 is traceable. It has been shown that for 2 6 k 6 6, every k-traceable oriented graph is traceable. We develop an iterative procedure to extend previous results regarding the TC. I...

Traceable signatures (TS), suggested by Kiayias, Tsiounis and Yung (Eurocrypt’04), extend group signatures to address various basic traceability issues beyond merely identifying the anonymous signer of a rogue signature. Namely, they enable the efficient tracing of all signatures produced by a misbehaving party without opening the identity of other parties. They also allow users to provably cla...

In this paper, we propose a new ID-based event-oriented linkable ring signature scheme, with an option as revocable-iff-linked. With this option, if a user generates two linkable ring signatures in the same event, everyone can compute his identity from these two signatures. We are the first in the literature to propose such a secure construction in ID-based setting. Even compared with other exi...

Ring signatures are cryptographic protocols designed to allow any member of a group to produce a signature on behalf of the group, without revealing the individual signer’s identity. This offers group members a level of anonymity not attainable through generic digital signature schemes. We call this property ‘plausible deniability’, or anonymity with respect to an anonymity set. We concentrate ...

Ring signatures enable a user to sign a message so that a ring of possible signers is identified, without revealing exactly which member of that ring actually generated the signature. In some situations, however, an actual signer may possibly want to expose himself, for instance, if doing so, he will acquire an enormous benefit. In this paper, we present a Schnorr ring signature scheme with des...

We describe the first efficient ring signature scheme secure, without random oracles, basedon standard assumptions. Our ring signatures are based in bilinear groups. For l members ofa ring our signatures consist of 2l + 2 group elements and require 2l + 3 pairings to verify. Weprove our scheme secure in the strongest security model proposed by Bender, Katz, and Morselli:namely, ...

The strong designated verifier ring signature scheme provides signer anonymity to protect actual signer’s identity. However, the message of the strong designated verifier ring signature may disclose some identity information related to the actual signer. To remove this flaw, this study proposes a novel strong designated verifier ring signcryption scheme. Compared with the Han et al. and Huang e...