A Provably Secure Ring Signature Scheme in Certificateless Cryptography

TL;DR

This paper introduces a new certificateless ring signature scheme that is provably secure in the random oracle model, addressing security concerns and demonstrating the scheme's resistance to certain attacks.

Contribution

It presents the first concrete certificateless ring signature scheme with formal security proofs and analyzes its security against key replacement attacks.

Findings

Scheme is secure in the random oracle model

Key replacement attack is effective against generic constructions

Provides formal security models for certificateless ring signatures

Abstract

Ring signature is a kind of group-oriented signature. It allows a member of a group to sign messages on behalf of the group without revealing his/her identity. Certificateless public key cryptography was first introduced by Al-Riyami and Paterson in Asiacrypt 2003. In certificateless cryptography, it does not require the use of certificates to guarantee the authenticity of users' public keys. Meanwhile, certificateless cryptography does not have the key escrow problem, which seems to be inherent in the Identity-based cryptography. In this paper, we propose a concrete certificateless ring signature scheme. The security models of certificateless ring signature are also formalized. Our new scheme is provably secure in the random oracle model, with the assumption that the Computational Diffie-Hellman problem is hard. In addition, we also show that a generic construction of certificateless ring signature is insecure against the key replacement attack defined in our security models.