16 lines
1.4 KiB
Org Mode
16 lines
1.4 KiB
Org Mode
* Anonymous Identification in Ad Hoc Groups
|
|
- States they can accomplish constant sized signatures. This is not the case however, as they either need to send the group S as a part of the signature or assume that the group S is somewhat static and can thus be assumed to be known. This seems like quite the stretch and I do not consider their signatures to be constant sized as such.
|
|
- If this assumption holds, extending it to a threshold scheme is intuitive.
|
|
* Short Linkable Ring Signatures Revisited
|
|
- These guys use a CA (certificate or central authority?), as part of their key-gen algorithm. This is not a nice feature for complete ad-hoc schemes.
|
|
- Question, are we okay with having a central authority? This CA is only used within keygen to create a certificate, it is not used when signing.
|
|
* Short Linkable Ring Signatures for E-voting,E-cash and Attestation
|
|
- Also requires a CA..
|
|
* The others mentioned in RingCT 2.0: A Compact Accumulator-Based (Linkable Ring Signature) Protocol for Blockchain Cryptocurrency Monero
|
|
- Are not public key based, but instead identity based and as such likely requires a PKG as well.
|
|
* Constant Size Ring Signature Without Random Oracle
|
|
- Uses something called Groth-Sahai commitments whick work in the CRS model.. + I don't know if you can perhaps make this not be in the CRS model
|
|
- Extending this to a constant-sized blind ring signature is an open problem.
|
|
+ What is a blind ring?
|