@article{oai:ipsj.ixsq.nii.ac.jp:00009822,
 author = {Kazuki, Yoneyama and Kazuo, Ohta and Kazuki, Yoneyama and Kazuo, Ohta},
 issue = {9},
 journal = {情報処理学会論文誌},
 month = {Sep},
 note = {Though anonymity of ring signature schemes has been studied in many publications  these papers gave different definitions and there has been no consensus. Recently  Bender  et al. proposed two new anonymity definitions of ring signature schemes which are stronger than the previous definitions  that are called anonymity against attribution attacks/full key exposure. In addition  ring signature schemes have two levels of definitions for unforgeability definitions  i.e.  existential unforgeability and strong existential unforgeability. In this paper  we will redefine anonymities and unforgeabilities within the universally composable (UC) security framework. First  we will give new ideal functionalities of ring signature schemes for each security level separately. Next  we will show the relations between game-based security definitions and our UC definitions. Finally  we will give another proof for the security of the Bender  et al.’s ring signature scheme within the UC framework. A simulator we constructed in this proof can easily simulate an adversary of existential unforgeability  which can be adaptable to the case of strong existential unforgeability if we assume the exploited signature scheme is a standard single strong existentially unforgeable signature scheme., Though anonymity of ring signature schemes has been studied in many publications, these papers gave different definitions and there has been no consensus. Recently, Bender, et al. proposed two new anonymity definitions of ring signature schemes which are stronger than the previous definitions, that are called anonymity against attribution attacks/full key exposure. In addition, ring signature schemes have two levels of definitions for unforgeability definitions, i.e., existential unforgeability and strong existential unforgeability. In this paper, we will redefine anonymities and unforgeabilities within the universally composable (UC) security framework. First, we will give new ideal functionalities of ring signature schemes for each security level separately. Next, we will show the relations between game-based security definitions and our UC definitions. Finally, we will give another proof for the security of the Bender, et al.’s ring signature scheme within the UC framework. A simulator we constructed in this proof can easily simulate an adversary of existential unforgeability, which can be adaptable to the case of strong existential unforgeability if we assume the exploited signature scheme is a standard single strong existentially unforgeable signature scheme.},
 pages = {2976--2989},
 title = {Ring Signatures: Universally Composable Definitions and Constructions},
 volume = {48},
 year = {2007}
}