Study On Forward Secure Ring Signature

In 2001, Rivest, Shamir and Tauman addressed notion of ring signature. Ring signature, which signs a message in an unconditionally anonymous way, is a special digital signature. A verifier convinces the signature which is signed by one of independent ring signers without allowing the verifier to identify which signer it is. Ring signature adapts anonymous electronic voting system, transmissible electronic cash system etc, and it has been a core technology for applying exchange-anonymous security. It is a crux for security of ring signature that exposure of secret keys can be a devastating attack on cryptosystem which ring signature base on. The legitimate method for exposure of secret keys had been explored until Anderson proposed forward-secure digital signature in 1997.The different between forward-secure digital signature and ordinary digital signature is adding key-update algorithm to forward-secure digital signature. The specific course is that the time during which the public key is desired to be valid is divided into periods; the secret key evolves in each period. The secret key of next period is derived from the current secret key via key-update algorithm which is arranged in system after a period end. The previous signature would not be broken by an attacker even if key is exposed and the attacker successfully attains it. Forward-secure signature advanced in ring signature to protect the secret key of signer and guard against forging signature. As result, the security of ring signature is improved greatly.This thesis mainly focuses on the research of forward-secure ring signature. The main work is as follows:Firstly, we analysize a forward-secure ring signature based on the conic curve over ring Zn. Then we point out a disadvangtage of key-update algorithm of the signature and give an exsitential forging attack. The improved signature advances in security because it uses two hardness problems at the same time. The hardness of factorization is added to improved signature later.Secondly, we give a forging attack to identity-based ring signature proposed Au Man Ho et al. With two improved signatures proposed respectively, we give a new signature. It is more secure than previous signatures.And the efficiency is advanced more than original signature.Thirdly, we give two identity-based forward-secure ring signatures. In security, one is proved in random oracle model. The other is proved in standard model. In forward-secure property, the former signature base on hard problem of factorization, the latter signature base on discrete logarithm hard problem.