MoneroResearch.info |
Resource type: Thesis/Dissertation BibTeX citation key: Li2022a View all bibliographic details |
Categories: Monero-focused Creators: Li Publisher: EECS Department, University of California, Berkeley |
Views: 45/2456
|
Attachments EECS-2022-152.pdf [11/1091] | URLs https://www2.eecs.b ... EECS-2022-152.html |
Abstract |
Ring signatures are digital signatures that confirm the signer being a member of a public group without revealing the identity of the signer. There are wide applications of ring signatures, such as in the blockchain space. For example, anonymous cryptocurrency Monero employs RingCT, which is based on Confidential Transactions and ring signatures. The bottleneck for ring signatures is the size of the signatures as most current schemes have size of signatures proportional or logarithmic to the number of parties in the ring, which are highly inefficient. We hope to extend a state-of-art disjunctive zero-knowledge proof to ring signatures.
Disjunctive zero knowledge proofs, where the prover demonstrates knowledge of solution to a subset of problems, were first studied by Cramer et al.[8] Since then, there have been numerous optimizations towards more efficient communication and computation. In order to reach amortized computation that does not grow with the total number of statements, [6] uses RSA set accumulators to combine with commitment schemes in a Σ−Protocol. There is a natural connection between ring signatures and Σ−protocols as any Σ−protocol of zero knowledge proofs can be converted to a ring signatures by embedding the message to be signed in the hash function. Therefore, the construction of [6] give a ring signature scheme, which can be potentially applied to the Monero protocol after modifications. |