Identity-based (ID-based) cryptosystems avoid the necessity of certificates to authenticate public keys in a digital communications system. This is desirable, specially for these applications which involve a large number of public keys in each execution. For example, any computation and verification of a ring signature, where a user anonymously signs a message on behalf of a set of users including himself, requires to authenticate the public keys of all the members of the set. We use bilinear pairings to design a new ID-based ring signature scheme. We give bounds on the concrete security of our scheme in the random oracle model, under the assumption that the Computational Diffie-Hellman problem is hard to solve. Then we extend this scheme to scenarios where a subset of users anonymously sign on behalf of some access structure of different subsets.
展开▼
