Ring signature with designated linkability
Ring signatures enable a user to sign a message so that a ring of possible signers is identified, without revealing exactly which member of that ring actually generated the signature. This concept has been used to construct new cryptographic applications, such as designated signatures, concurrent signatures, etc. To avoid being abused, the concept of linkable ring signatures was introduced. In this concept, when two ring signatures are produced by the same signer, then anyone can link the signatures. In this paper, we introduce a new concept called linkable ring signature with designated linkability that lies between the two. In this new concept, the ring signatures remain anonymous from the public’s point of view. However, they can only be linked by a designated party, whenever necessary. This notion allows the privacy of the signer, but additionally, it also limits the receiver from being abused. We present a generic construction for such schemes, and proceed with an instantiation of our generic construction that is built from the existing linkable ring signature scheme due to Liu et al.