Research Area:  Blockchain Technology
Ring signature, introduced by Rivest et al. [Asiacrypt’01], allows a person to sign a document on behalf of an ad-hoc group (or ring) while hiding the identity of the actual signer. But the anonymity provided by the ring signature scheme can be used to conceal a malicious signer and put other ring members under suspicion. Fortunately, Park et al. [Crypto’19] proposed a repudiable ring signature scheme which can overcome this disadvantage. However, the construction of Park et al. [Crypto’19] is not compact, in other word, the size of signatures and repudiations in their scheme increases with the square of the ring size. In this paper, we propose the first logarithmic-size repudiable ring signature scheme, which means the size of signatures and repudiations grows only logarithmically in the ring size. Moreover, in terms of security model, we present a new requirement (repudiation-unforgeability), which requires ‘no one can forge a valid repudiation’. Our scheme is the first repudiable ring signature scheme satisfies this new requirement.
Keywords:  
Author(s) Name:  Hao Lin, Mingqiang Wang
Journal name:  Computer Standards & Interfaces
Conferrence name:  
Publisher name:  Elsevier
DOI:  10.1016/j.csi.2021.103562
Volume Information:  Volume 80, March 2022, 103562
Paper Link:   https://www.sciencedirect.com/science/article/abs/pii/S092054892100057X