“https://getmonero.org/”

6 Monero – secure, private, untraceable getmonero.org, The Monero Project

We Will Write a Custom Essay Specifically
For You For Only $13.90/page!


order now

5 Shi-Feng
Sun, Man Ho Au, Joseph K. Liu, Tsz Hon Yuen, Dawu Gu  “RingCT 2.0: A Compact Accumulator-Based
(Linkable Ring Signature) Protocol for Blockchain Cryptocurrency Monero”

4 Patrick P.
Tsang and Victor K. Wei.” Short Linkable Ring Signatures for E-Voting, E-Cash
and Attestation”

3 Man Ho Au,
Sherman S.M. Chow, Willy Susilo, and Patrick P. Tsang. “Short Linkable Ring
Signatures Revisited”.

 

2
Eiichiro Fujisaki,Koutarou
Suzuki.”Traceable Ring Signatures”

 

1
Ronald L. Rivest,Adi Shamir,and Yael Tauman.”How to Leak a Secret”

References:

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

The ring signatures provide anonymity among the users in the ring or members
in the involved in the transaction which reveals no information. The enhancement
of ring signatures is done through traceable ring signatures and linkable ring signatures
which helped the development of cryptocurrency,bitcoin and Monero.Ring signatures
can also be included in Id based cryptography,bilinear pairings,oblivious transfer
and many more cryptographic fields.Ring signatures can be achieved in many like
accountable ring signature,certificate based ring signature,threshold ring signatures,revocable
ring signatures and many more types of ring signatures to come which helps the user
to protect his privacy.

 

Conclusion:

 

 

 

 

It uses ring signatures hide
information about all transaction.It provides all benefits of a decentralized cryptocurrency
without any privacy issues.

Monero
is private

 

It is secured digital cash
   operated by network of users. Transactions
are confirmed by the blockchain consensus protocols and then recorded on the block
chain.

5Monero
is secure

 

6Monero protects
privacy in three ways, ring signatures enablle the sender to hide among others involved
in the transaction,hides receiving address of transaction and RingCT(Ring Confidential
Transaction) hides the amount of transaction.Monero provides “privacy,anonymity
and optionally transperant”.

Cryptocurrency
is a digital property works as medium of exchange.It uses cryptography to secure
the transactions. Monero is the web application which is an open source crytpocurrency.Monero
is based on CryptoNote protocol.

Ring Signatures in web Applications:

 

Direct Anonymous
Attestation(DAA) it is used in the trusted computing group it solves the following
problem, the user requests a provider for the platform which is trustable that is
trusted platform module(TPM) for authentication.However, user wants his privacy
such that verifier should know user is using TPM but doesn’t want to know type of
TPM.

Linkable Ring
Signatures are used in offline e-cash systems.The users take electronic coins which
consists of numbers produced by users and signed by the bank. Each signature represents  a given amount.These coins are later  used in shops by using public key generated by
the bank so the users retain the anonymity.The scheme of e-cash system is as follows
the group members in the group forms a group of users.The bank issues electronic
coins to the users.When the user uses money the privacy is restored.

4 Applications:

 

 

 

3.    
Output Phase: A gives (ˆ?,M*, ?*,R*) and succeeds
if R* ? S  ˆ? is the
output of SO (ˆs, ˆ M, ˆ
R).VerifyR*(M*, ?*)=1,Link(ˆ?,?*)=1 and A never queried ˆs to CO(.).

2.    
Probing phase: A is given access to sign oracle SO(.,.,.)
and outputs Sign(M,R) A has also givento corrupt oracle and outputs Ski.

1.    
Initialization phase: Key pairs {(Pki,Ski)}n(k)
i=1 are generated by keyGen(1k) algorithm and set of public keys S={Pki}n(K)
i=1  is given to A.

 

Same as Unforgeability
and linkability, A linkable ring signature 
scheme is unforgeable if for Probabilistic Polynomial Time adversary A and
for any polynomial n(.) the probabilty that A succeeds  in the following  game is negligable.

Non-slanderability:

 

 

3.    
Output Phase: A gives (Mi* ,? i *,Ri*) and succeeds if it holds that verifyRi*(Mi* ,? i *)=1,Link(? 1 *,? 2 *)=0.

2.    
Probing phase: A is given access to sign oracle SO(.,.,.)
and outputs Sign(M,R) A has also givento corrupt oracle and outputs Ski.

1.    
Initialization phase: Key pairs {(Pki,Ski)}n(k)
i=1 are generated by keyGen(1k) algorithm and set of public keys S={Pki}n(K)
i=1  is given to A.

 

Same as Unforgeability,
A linkable ring signature  scheme is unforgeable
if for Probabilistic Polynomial Time adversary A and for any polynomial n(.) the
probabilty that A succeeds  in the following  game is negligable.

Linkabilty:

 

5.    
Output phase: The adversary  gives a bits b’ and wins  if b’=b.

4.    
Probing phase 2: A is again given access to CO and SO.If
i0 or i1 is queried to CO , A fails and game terminates.

3.    
Challenge Phase: A outputs message M,distinct indices
i0, i1 and a ring .,R ? S for which Pki0,Pki1
and all keys in R are distinct. If i0,i1 was an output to CO corrupt orcale A fails
and game terminates or else a random bit b is choosen  and A is given Signib,SKib(M,R)à?.

2.    
Probing phase 1: A is given access to sign oracle SO(.,.,.)
and outputs Sign(M,R) A has also givento corrupt oracle and outputs wi, 1<=i<=n(k). 1.     Initialization phase: Key pairs {(Pki,Ski)}n(k) i=1 are generated by keyGen(1k,;wi) algorithm for randomly choosen wi and set of public keys S={Pki}n(K) i=1  is given to A   A linkable ring signature  scheme is unforgeable if for Probabilistic Polynomial Time adversary A and for any polynomial n(.) the probabilty that A succeeds  in the following  game is negligably close to 1/2. Linkable Anonymity:     3.     Output Phase: A gives (M*, ?*,R*) and succeeds  if VerifyR*(M*, ?*)=1 2.     Probing phase: A is given access to sign oracle SO(.,.,.) and outputs Sign(M,R) A has also givento corrupt oracle and outputs Ski. 1.     Initialization phase: Key pairs {(Pki,Ski)}n(k) i=1 are generated by keyGen(1k) algorithm and set of public keys S={Pki}n(K) i=1  is given to A. A linkable ring signature  scheme is unforgeable if for Probabilistic Polynomial Time adversary A and for any polynomial n(.) the probabilty that A succeeds  in the following  game is negligable.   Unforgeability: The linkable ring signatures will satisfy the following properties of security3 Security  Properties :   2.     Linking Correctness: Two signatures signed according to specification are linked if they come from same signer. If two signatues are signed according to specification do not share a common signer then they are not linked with overwhelming probablity. 1.     Verification Correctness: Inorder to accept during verification the signature must be signed as specification with overwhelming probablity. Linkable Ring Signatures must satisfy3   Link(?0 ,?1)à1/0: From input of two signatures it 1 or 0 .If linked it gives 1 or else unlinked outputs 0. Verify(Y,M,?)à 1/0 : On input a set of Y of n public keys in Pk ,message m, and a signature returns 0 or 1 means reject or accept respectively,if (M, ?)is accepted by the alogrithm message/signature pair is valid. Sign(Y,M,x)à ? :It takes a set of Y of n public keys in Pk where n?N is size of polynomial in ?, a message M,x ? SK whose corresponding public key is contained in y,gives signature ?. KeyGen()à(ski,pki):This algorithm takes secuirty parameter as input and gives the secret/public key pair(ski,pki) as output.Sk and Pk denotes secret key and public key respectively. Init(1?)0àparam : This algorithm takes security parameter ? as input and gives the param as output which is also a security parameter contains one among other things 1 ?.   The following is syntax for the tuples: (Init,KeyGen,Sign,Verify,Link). A linkable ring signature scheme is a five tuple algorithm Similar to traceable ring signatures the linkable variant will also have similar but this consists of five tuples as 3 explains Model:     A linkable ring signature allows anyone to determine if two signatures have been signed from the same group member or not. If a user signs only once from a group they can enjoy anonymity similar to  original ring signatures. If same user sends twice then it can be known sent by the same group user. A twist in paradigm comes when same signer signs the two ring signatures but still unable to identify who the signer was.This is known linkable anonymity. Linkable Ring Signature:     It solves the whistle blower problem.Actually  the problem consider Alice is a journalist ,she secretly gets an information about the company from the higher officer with respect to ring of higher officials. She discloses the information by telling that information was from the one of the authorities without revealing the name. On the other hand, Bob gets the opposite information from the anither signture with respect to ring of higher officials and he announces it to the social.Then Alice and Bob want to know if the information they got from different sources or if they are fooled from a dishonest person without telling their source.By the traceable ring signature the official can be caught for sharing wrong information and he can be traced.   Traceable ring signature is functionally related to blind signatures so it can be applied to offline anonymous e-cash system.             In original ring signature group identification only works with group manager whereas the traceable ring signature don't.   Anonymous voter can register on BBS- for instance some set of people  discussing on an  issue through Internet and wish not to reveal anything about them on that issue as a result they dont involve in a trusted party or setup a registration to vote.In ordinary ring signature every member in the ring has to message however traceable ring signatures it is allowed. Applications of Traceable Ring Signatures2:   User cant be accused of signing the message with same tag. Adversary cannot produce tracable signature generated by target withinthe publicly tracable mechanism it is infeasible to corrupt all ring members but not the target. Exculpability:   As long as the sender the messages with the different tags their identity is untracable.Similarly two messages with different tags are also unlinkable. Anonymity:   The total number of signatures with same tag should not exceed the total numbers in the group. Tag Linkability:   Any user who sends the two or more messages with the same tag can be traced and it is possible with pair of messages or signature and the tag. Public Traceability: The tracable ring signatures  are secure under following properties2 Security Properties:     4).Trace : It takes tag and two message/signature pairs as input and gives any of the strings "indep," "linked," or pk, where pk ?pkN.   3). Ver: Algorithm takes tag, message and signature and outputs a bit.   2­). Sig:  Algorithm takes Secret Key Ski where i ?N tag, and message m?{0,1}?, and outputs signature ?   1).Gen: Algorithm takes security parameter k ?N and gives a public/secret key pair(Pk,Sk).   ? = (Gen,Sig,Ver,Trace), such that, for k ?z, the following is true From 2 Tracable ring signature scheme is the tuple of algorithms Model:   2. A tracable ring signature has a tag L=(issue,Pk) where issue to refers to for example, an id of election or some some social issue and Pk is the set of public keys of members in the group. Similar to the ring signature, the users in the group will verify the message but they will also include the tag L in this scheme.However they cannot know the where the message originated from. If the signer again sends the message again with the same tag the users find the tags in the message match and can know the who the signer is . General ring signatures provides anonymity which the others who are not in ring can send the message and information is hidden and not known to any of the other people in the ring. So, traceable ring signatures are the extension to ring signatures which helps the reciver to trace the sender. Tracable Ring Signature: B). Linkable ring signatures. A). Tracable ring signatures. The ring signatures can be extended to many fields which are associated with it.Some of them are     The verifier accepts the signature if the ring equation is satisfied or else it is rejectced.                                     Figure 2: Sign and Verify (https://cryptonote.org/inside)                                   Ck,v(Y1,Y2,...,Yr) =v 3).Verify the ring equation 2).Calculate key k=H(m) k gives the encryption key. 1).Apply the public key on all Yi=g(Xi). According to 1 the verification follows as: After receiving the message , the members in the group otherthan the signer needs to see if the message is from their ring or not. So by the signers public key they will get message by using hash of the message he received if encryption key is successful and he ultimately verifies the ring equation which the signer got in implementation step 3. Verification:                                        Figure 1: Ring Signature 1                                       (P1,P2……Pr;v;X1,X2…….Xr). 6).The signature with message m is defined to be (2r+1)tuple: 5).Calculate signers private key Xs with Xs=gs-1(Ys).                               Ck,v(Y1,Y2,...,Yr) = v 4). Solve the ring equation Ys. 3).Pick the random Xi for all other group members and calculate Yi=gi(Xi) 2).Choose a random value v.                                                 K=H(m) 1). Initially, the message is hashed and it is taken as symmetric key K The 1 explains six steps to generate a ring signature by the signer   This is the process through a signer a send message within his group without revealing any of his information. The message is hashed with any of the hash functions , later the signer chooses two random values glue and Xi then calculates Yi and ring equation respectively. Finally he calculates the private key of signers. Implementation: Ring verify: It gets a message m and a signature ? contains all public keys from users and outputs either TRUE or FALSE. Ring sign: It produces a ring sign ? for a message m, given public keys P1,P2…..Pk of the r ring members together with the secret key SK of the Sth sender(actual sender of message).   2)    Ring verify 1)    Ring sign Ring Signature is composed of two primary definitions I found a 1 better definitions to explain the ring signatures   Before proceeding it to the definitions, let us assume the sender is associated with public key Pk which shows the signature scheme like RSA.He can get connected to public key with PkI  directory or certificates The reciever has a secret key SK associated with him. Definition:   In group signatures can be formed when the users in the group wanted to share information about the vendor of the message, whereas the users in the ring signature don't want to reveal their information.The users in the group need not wait for central authentication anyone in the group having public and private keys can send and receive messages within the group.The sender with his private key chooses the set of receivers with their public key and computes the signature. It is a type of digital signature in cryptography, in which a user in the group can send a message within in the group who have the key. This ring signature offers security property, the other users in the group do not find the signer of the message. This was first introduced by Rivest,Shamir and Tauman in 2001. Introduction: Ring Signature                   8.    References---------------------------------------------------------------  13 7.    Conclusion--------------------------------------------------------------   12 6.    Ring signatures in web applications------------------------------ 11 (c).Applications------------------------------------------------- 10 (b).Security------------------------------------------------------  8 (a).Model--------------------------------------------------------   7                              II.            Linkable ring signatures (c).Applications------------------------------------------------- 6 (b).Security------------------------------------------------------  6 (a) .Model--------------------------------------------------------  5                                I.            Traceable ring signatures 5.    Types of ring signatures 4.    Verification-------------------------------------------------------------   4 3.    Implementation-------------------------------------------------------   3 2.    Definition----------------------------------------------------------------  2 1.    Introduction-------------------------------------------------------------  2 Table of contents                                                                               Page no.