Deniable Ring Signatures

Abstract

Thesis (M. Eng.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2007.Includes bibliographical references (p. 55-57).Ring Signatures were developed by Rivest, Shamir and Tauman, in a paper titled How to Leak a Secret, as a cryptographically secure way to authenticate messages with respect to ad-hoc groups while still maintaining the signer's anonymity. While their initial scheme assumed the existence of random oracles, in 2005 a scheme was developed that does not use random oracles and meets the strongest security definitions known in the literature. We argue that this scheme is not deniable, meaning if someone signs a message with respect to a ring of possible signers, and at a later time the secret keys of all of the possible signers are confiscated (including the author), then the author's anonymity is no longer guaranteed. We propose a modification to the scheme that guarantees anonymity even in this situation, using a scheme that depends on ring signature users generating keys that do not distinguish them from other users who did not intend to participate in ring signature schemes, so that our scheme can truly be called a deniable ring signature scheme.by Eitan Reich.M.Eng