Revocable Ring Signature

Group signature allows the anonymity of a real signer in a group to berevoked by a trusted party called group manager. It also gives the groupmanager the absolute power of controlling the formation of the group.Ring signature, on the other hand, does not allow anyone to revoke thesigner anonymity, while allowing the real signer to form a group (alsoknown as a ring) \it arbitrarily without being controlled by any otherparty. In this paper, we propose a new variant for ring signature,called \it Revocable Ring Signature. The signature allows a realsigner to form a ring arbitrarily while allowing a set of authorities torevoke the anonymity of the real signer. This new variant inherits thedesirable properties from both group signature and ring signature insuch a way that the real signer will be responsible for what it hassigned as the anonymity is revocable by authorities while the realsigner still has the freedom on ring formation. We provide a formalsecurity model for revocable ring signature and propose an efficientconstruction which is proven secure under our security model.