[curves] EC ring signature schemes
Steve Weis
steveweis at gmail.com
Mon Jun 16 10:51:53 PDT 2014
Unfortunately the only ring signature implementations I found on a
quick inspection are pairing-based. PBC has Zhang & Kim's "ID-Based
Blind Signature and ring from pairings" as an example:
http://crypto.stanford.edu/pbc/
J. Ayo Akinyele implemented a couple pairing-based schemes using the
CHARM library:
http://www.charm-crypto.com/Main.html
"X. Boyen. Mesh Signatures: How to Leak a Secret with Unwitting and
Unwilling Participants"
Paper: http://eprint.iacr.org/2007/094.pdf
Code: https://github.com/JHUISI/charm/blob/dev/charm/schemes/pksig/pksig_cyh.py
"S. Chow, S. Yiu and L. Hui - Efficient identity based ring signature."
Paper: https://eprint.iacr.org/2004/327.pdf
Code: https://github.com/JHUISI/charm/blob/dev/charm/schemes/pksig/pksig_boyen.py
I also think there have been pairing-based ring signature
implementations using the RELIC toolkit, but I didn't see any code
online. Here's the toolkit though:
https://code.google.com/p/relic-toolkit/
On Mon, Jun 16, 2014 at 7:02 AM, David Leon Gil <coruus at gmail.com> wrote:
>
> Is anyone aware of any implementation of EC ring signatures *not* using pairing-based crypto? (If not, does anyone have any good ideas on the strategy to pursue in, e.g., Ed25519?)
>
> (I know that the original RST ("How to leak a secret") scheme has been shown insecure if public keys in the ring are been adversarially chosen. Though the citation is eluding me after several searches, I believe there is a scheme using ZAPs to fix this.)
>
> - David
>
> (PS If you are also on Messaging, apologies for the duplication; I mistakenly posted this there originally.)
> —
> Sent using alpine: an Alternatively Licensed Program for Internet News and Email
>
> _______________________________________________
> Curves mailing list
> Curves at moderncrypto.org
> https://moderncrypto.org/mailman/listinfo/curves
>
More information about the Curves
mailing list