1 Two Stories of Ring Signatures Yoshikazu Hanatani * Kazuo Ohta * *The University of Electro-Communications.

Slides:

Advertisements

Similar presentations

Chapter 3 Public Key Cryptography and Message authentication.

Advertisements

Anonymity without Sacrificing Performance Enhanced Nymble System with Distributed Architecture CS 858 Project Presentation Omid Ardakanian * Nam Pham *

Rennes, 24/10/2014 Cristina Onete CIDRE/ INRIA Privacy in signatures. Hiding in rings, hiding in groups.

1 Chapter 7-2 Signature Schemes. 2 Outline [1] Introduction [2] Security Requirements for Signature Schemes [3] The ElGamal Signature Scheme [4] Variants.

Self-Organized Anonymous Authentication in Mobile Ad Hoc Networks Julien Freudiger, Maxim Raya and Jean-Pierre Hubaux SECURECOMM, 2009.

Aajeevika Skills Visioning Workshop 24 th Feb 2014 Visioning Exercise Briefing.

Digital Signatures. Anononymity and the Internet.

Asymmetric-Key Cryptography

Foundations of Cryptography Lecture 13 Lecturer: Moni Naor.

Lect. 18: Cryptographic Protocols. 2 1.Cryptographic Protocols 2.Special Signatures 3.Secret Sharing and Threshold Cryptography 4.Zero-knowledge Proofs.

Authentication and Digital Signatures CSCI 5857: Encoding and Encryption.

Slide 1 Vitaly Shmatikov CS 378 Digital Cash. slide 2 Digital Cash: Properties uDigital “payment message” with properties of cash uUnforgeable Users cannot.

6/1/20151 Digital Signature and Public Key Infrastructure Course:COSC Instructor:Professor Anvari Student ID: Name:Xin Wen Date:11/25/00.

Implementation of LSI for Privacy Enhancing Computation Kazue Sako, Sumio Morioka

Security Chapters 14,15. The Security Environment Threats Security goals and threats.

Ring Signatures of Sub- linear Size without Random Oracles Nishanth Chandran Jens Groth Amit Sahai University of California Los Angeles TexPoint fonts.

Security Chapters 14,15. The Security Environment Threats Security goals and threats.

CNS2010handout 10 :: digital signatures1 computer and network security matt barrie.

BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.

Public Key Crytography1 From: Introduction to Algorithms Cormen, Leiserson and Rivest.

Receipt-freeness and coercion-resistance: formal definitions and fault attacks Stéphanie Delaune / Steve Kremer / Mark D. Ryan.

CMSC 414 Computer and Network Security Lecture 9 Jonathan Katz.

Unlinkable Secret Handshakes and Key-Private Group Key Management Schemes Author: Stanislaw Jarecki and Xiaomin Liu University of California, Irvine From:

1 An ID-based multisignature scheme without reblocking and predetermined signing order Chin-Chen Chang, Iuon-Chang Lin, and Kwok-Yan Lam Computer Standards.

WS Algorithmentheorie 03 – Randomized Algorithms (Public Key Cryptosystems) Prof. Dr. Th. Ottmann.

Identity Base Threshold Proxy Signature Jing Xu, Zhenfeng Zhang, and Dengguo Feng Form eprint Presented by 魏聲尊.

WS Algorithmentheorie 03 – Randomized Algorithms (Public Key Cryptosystems) Prof. Dr. Th. Ottmann.

Remarks on Voting using Cryptography Ronald L. Rivest MIT Laboratory for Computer Science.

1 Deniable Ring Authentication Moni Naor Weizmann Institute of Science.

Cryptography and Complexity at the Weizmann Institute

CSE 597E Fall 2001 PennState University1 Digital Signature Schemes Presented By: Munaiza Matin.

E- Business Digital Signature Varna Free University Prof. Teodora Bakardjieva.

Public Key Model 8. Cryptography part 2.

CS5204 – Fall Cryptographic Security Presenter: Hamid Al-Hamadi October 13, 2009.

1 Cryptography Basics. 2 Cryptography Basic terminologies Symmetric key encryption Asymmetric key encryption Public Key Infrastructure Digital Certificates.

Cryptology Digital Signatures and Digital Certificates Prof. David Singer Dept. of Mathematics Case Western Reserve University.

Chapter 10: Authentication Guide to Computer Network Security.

Cong Wang1, Qian Wang1, Kui Ren1 and Wenjing Lou2

Basel Alomair, Krishna Sampigethaya, and Radha Poovendran University of Washington TexPoint fonts used in EMF.

Csci5233 Computer Security1 Bishop: Chapter 14 Representing Identity.

An Efficient and Secure Event Signature (EASES) Protocol for Peer-to-Peer Massively Multiplayer Online Games Mo-Che Chan, Shun-Yun Hu and Jehn-Ruey Jiang.

RSA By: Abhishek Naik Viswanath Chennuru CPSC 624.

Chapter 4: Intermediate Protocols

02/22/2005 Joint Seminer Satoshi Koga Information Technology & Security Lab. Kyushu Univ. A Distributed Online Certificate Status Protocol with Low Communication.

An Authenticated Payword Scheme without Public Key Cryptosystems Author: Chia-Chi Wu, Chin-Chen Chang, and Iuon-Chang Lin. Source: International Journal.

6. Esoteric Protocols secure elections and multi-party computation Kim Hyoung-Shick.

Internet Security. Four Issues of Internet Security Authenticity: Is the sender of a message who they claim to be? Privacy: Are the contents of a message.

1 Information Security Practice I Lab 5. 2 Cryptography and security Cryptography is the science of using mathematics to encrypt and decrypt data.

1 一個新的代理簽章法 A New Proxy Signature Scheme 作者 : 洪國寶, 許琪慧, 郭淑娟與邱文怡報告者 : 郭淑娟.

Digital Signatures, Message Digest and Authentication Week-9.

Chapter 3 – Public Key Cryptography and RSA (A). Private-Key Cryptography traditional private/secret/single-key cryptography uses one key shared by both.

Chapter 11 Enhancing an Online Form and Using Macros Microsoft Word 2013.

Electronic Voting R. Newman. Topics Defining anonymity Need for anonymity Defining privacy Threats to anonymity and privacy Mechanisms to provide anonymity.

MSN lab1 A novel deniable authentication protocol using generalized ElGamal signature scheme Source: Information Sciences, vol. 177, pp , 2007.

Software Security Seminar - 1 Chapter 4. Intermediate Protocols 발표자 : 이장원 Applied Cryptography.

Lecture 11 Overview. Digital Signature Properties CS 450/650 Lecture 11: Digital Signatures 2 Unforgeable: Only the signer can produce his/her signature.

1 An Ordered Multi-Proxy Multi-Signature Scheme Authors: Min-Shiang Hwang, Shiang-Feng Tzeng, Shu-Fen Chiou Speaker: Shu-Fen Chiou.

Lecture 9 Overview. Digital Signature Properties CS 450/650 Lecture 9: Digital Signatures 2 Unforgeable: Only the signer can produce his/her signature.

ICICS2002, Singapore 1 A Group Signature Scheme Committing the Group Toru Nakanishi, Masayuki Tao, and Yuji Sugiyama Dept. of Communication Network Engineering.

Security. Security Needs Computers and data are used by the authorized persons Computers and their accessories, data, and information are available to.

1 Secret Handshakes or Privacy-Preserving Interactive Authentication Gene Tsudik University of California, Irvine joint work with: Claude Castelluccia,

On the (im)possibility of perennial message recognition protocols without public-key cryptography Peeter Laud Cybernetica AS & University of Tartu

Cryptography Lecture 26.

Yael Tauman Kalai Area: Cryptography PhD: MIT, with Shafi Goldwasser

Digital Signatures…!.

Security Properties Straw Polls

Lecture 6: Digital Signature

K. Maneva-Jakimoska, G. Jakimoski*and M. Burmester

Published in 2016 International Computer Symposium (ICS) Authors

LAB 3: Digital Signature

Presentation transcript:

1 Two Stories of Ring Signatures Yoshikazu Hanatani * Kazuo Ohta * *The University of Electro-Communications

2 Ring Signature : Present In 2001, a ring signature scheme was proposed by Rivest, Shamir, Tauman. The signature scheme convinces a verifier that a document has been signed by one of n independent signers.

3 A signer can connect the head and tail of the series of values by using own secret key. A verifier computes series of values from the message and members’ public keys, and checks that a signature has a ring structure. Ring Signature : Present Anyone cannot distinguish a part of the signature which is used secret key. Anyone cannot distinguish the actual signer.

4 Ring Signature : Old Once upon a time, there was a signature scheme like a ring signature scheme in Japan.

5 Background In 1756 (in the middle of Edo period), a signature was generated as a proof of solidarity when farmers in a certain village resisted their ruler. A purpose of the shape of this signature is to hide their leader.

6 Reason for a shape of ring Members sequentially signed like a ring, try to hide the order of signers. The members who participate in the signature take equal responsibility. If members simply signed, the first signer would be suspected of the leader.

7 Derivation The signature scheme is called “KARAKASARENPAN”. Because the shape of the signature looks like Japanese traditional umbrella. An umbrella Joint signatures KARAKASARENPAN

8 Various “KARAKASARENPAN”

9Comparison Ring signature “KARAKASARENPAN” Shape Ring The number of signers 1 n Other’s cooperation NecessaryUnnecessary Hide an actual signer Hide a members’ leader. Purpose A signer to shift the blame to members PossibleImpossible

10 Ring Signature : Future Ring Signature schemes which have an additional functionality, with which the involved members of the ring can deny the signature, are proposed. Toward the Fair Anonymous Signatures: Deniable Ring Signatures In preparing Yuichi Komano, Kazuo Ohta, Atsushi Shimbo, Shinichi Kawamura CRYPTO2002 Deniable ring authentication. M. Naor