Analysis of Revocable-iff-Linked Ring Signature Scheme

Ik Rae JEONG  Jeong Ok KWON  Dong Hoon LEE  

IEICE TRANSACTIONS on Fundamentals of Electronics, Communications and Computer Sciences   Vol.E92-A   No.1   pp.322-325
Publication Date: 2009/01/01
Online ISSN: 1745-1337
DOI: 10.1587/transfun.E92.A.322
Print ISSN: 0916-8508
Type of Manuscript: LETTER
Category: Cryptography and Information Security
ring signature,  anonymity,  linkability,  revocability,  

Full Text: PDF>>
Buy this Article

In a linkable ring signature scheme, a signer himself selects a set of parties called a "ring" and signs the messages on behalf of the ring. Any party can know whether or not the ring signatures are made by the same signer, although the party cannot know the identity of the actual signer. Au, Liu, Susilo, and Yuen proposed an ID-based linkable ring signature scheme and an ID-based revocable-iff-linked ring signature scheme. With a revocable-iff-linked ring signature scheme, any party can recover the identity of the signer, if the signer makes two or more ring signatures. In this paper, we show that Au et al.'s revocable-iff-linked ring signature scheme does not provide anonymity, even if the signer makes only one ring signature. Anonymity is one of the most basic security requirements of ring signatures.