The first strong designated-verifier ring signature scheme provides signer ambiguity to protect signers’ identity, because the actual signer is guessed to be some ring member or designated verifier. Only the designated verifier is convinced that the actual signer is some ring members. To provide signer anonymity maximally, the actual signer should be guessed to be not only the ring members but also all possible ones. Then the actual signer’s anonymity suffers the maximum protection, though only the designated verifier is still convinced that the actual signer is some ring member. So the first strong designated-verifier signature scheme providing one-out-of-all signer anonymity is proposed to protect signers’ identity maximally. Moreover, the signer admission is provided for the actual signer to prove who the actual signer is. The security proof of our scheme is also given.
網際網路技術學刊=Journal of Internet Technology 12(2)，頁357-365