Enhancement of Generalized Ring Signatures with Convertibility

Ring signature is a kind of group-oriented signature. It allows a member of a group to sign messages on behalf of the group without revealing her/his identity. The verifier can be convinced that the signature was indeed generated by one of the ring members, however, the verifier is unable to tell which member actually produced the signature. A convertible ring signature allows the real signer to convert a ring signature into an ordinary signature by revealing secret information about the ring signature. Thus, the real message signer can prove the ownership of a ring signature if necessary, and the other members in the ring cannot prove the ownership of a ring signature. In 2008, Ren and Harn first proposed a generalized ring signature scheme based on the original ElGamal signature scheme. However, Wang et al. showed that the convertibility of Ren and Harn's scheme cannot be satisfied. Everyone in the ring of a ring signature has the ability to claim that she/he produces the generalized ring signature. In this article, we shall propose an enhancement of Ren and Harn's scheme that can overcome the weakness. The improved scheme enables the actual message signer to prove to a verifier that only she/he is capable of generating the ring signature. The security analysis of the improved scheme is equivalent to those of Ren and Harn's scheme against adaptive-chosen message attacks in the random oracle model.