Generalized Anonymous Information Sharing

The concept of ring signature was first introduced by Rivest, Shamir and Tanman in 2001. In a ring signature, instead of revealing the actual identity of the message signer, it specifies a set of possible signers. The verifier can be convinced that the signature was indeed generated by one of the ring members, however, he is unable to tell which member actually produced the signature. Ring signature provides an elegant way to leak authoritative secrets in an anonymous way, and to implement designated-verifier signature schemes which can authenticate emails without undesired side effects. In this paper, we first propose a basic ring signature scheme based on the original ElGamal signature scheme. The proposed ring signature can achieve unconditional signer ambiguity and is secure against adaptive chosen message attacks. Comparing to ring signature based on RSA algorithm, the proposed generalized ring signature scheme has two advantages: (1) all ring members can use the same prime number p and operate in the same domain. (2) the proposed ring signature is inherently a convertible ring signature and enables the actual message signer to prove to a verifier that only he is capable of generating the ring signature. Then, based on the basic ring signature scheme, a generalized ring signature scheme is introduced to increase the level of confidence or enforce cross organizational joint message signing.