Leakage-resilient ring signature schemes
Ring signature schemes provide a way to sign a message without exposing the identity of authentic signer. Security of ring signature assumes that the signing keys are perfectly secret. On account of the physical imperfection of cryptosystems in practice, however, malicious attackers can easily learn partial secret information of the system by means of side-channel attacks, thus breaking the security. To overcome this problem, Wang et al. introduced the notion of leakage-resilient ring signature and presented a concrete construction. However, their scheme is only provably secure in the random oracle model and can tolerate at most (1/2−1/2t−ϵ) part leakage of the secret signing key, where t is the ring size. In this work, we focus on the constructions of leakage-resilient ring signature based on bounded leakage model, and combine Bender et al.'s security definitions of traditional ring signature with bounded leakage resilience, which is stronger than that considered in Wang et al.'s work. We then propose three constructions of leakage-resilient ring signature secure under the given security models. The first one is a black-box construction, and the second one is a concrete construction with leakage bound ((n−2)logq−ω(logk)) whose security is reduced to the intractability of computational Diffie-Hellman problem and leakage-resilient hard relation without random oracles. The third construction enjoys better efficiency and higher leakage bound, e.g. ((n−1)logq−ω(logk)), but its security proof resorts to the random oracle model.