Ring Signature
What is Ring Signature?
Ring SignatureA digital signature produced by any one of n public keys without revealing which signer was used, introduced by Rivest, Shamir, and Tauman in 2001.
A ring signature, introduced by Rivest, Shamir, and Tauman in 2001, allows a signer to authenticate a message on behalf of an ad-hoc 'ring' of n public keys such that a verifier is convinced one of the ring members signed but cannot tell which. No coordination, setup, or group manager is required: the signer simply picks the ring and computes a signature using their own private key and the others' public keys. Variants include linkable ring signatures (LSAG, MLSAG, CLSAG) that expose a key image preventing double-spends and traceable ring signatures used for whistleblower-style anonymity. Monero is the flagship deployment, currently using CLSAG plus Bulletproofs+ for amount privacy.
● Examples
- 01
Monero hides the real sender among ten decoys with CLSAG ring signatures.
- 02
Linkable ring signatures power anonymous voting and e-cash prototypes.
● Frequently asked questions
What is Ring Signature?
A digital signature produced by any one of n public keys without revealing which signer was used, introduced by Rivest, Shamir, and Tauman in 2001. It belongs to the Cryptography category of cybersecurity.
What does Ring Signature mean?
A digital signature produced by any one of n public keys without revealing which signer was used, introduced by Rivest, Shamir, and Tauman in 2001.
How does Ring Signature work?
A ring signature, introduced by Rivest, Shamir, and Tauman in 2001, allows a signer to authenticate a message on behalf of an ad-hoc 'ring' of n public keys such that a verifier is convinced one of the ring members signed but cannot tell which. No coordination, setup, or group manager is required: the signer simply picks the ring and computes a signature using their own private key and the others' public keys. Variants include linkable ring signatures (LSAG, MLSAG, CLSAG) that expose a key image preventing double-spends and traceable ring signatures used for whistleblower-style anonymity. Monero is the flagship deployment, currently using CLSAG plus Bulletproofs+ for amount privacy.
How do you defend against Ring Signature?
Defences for Ring Signature typically combine technical controls and operational practices, as detailed in the full definition above.
What are other names for Ring Signature?
Common alternative names include: RSA ring signature, RST signature.
● Related terms
- cryptography№ 321
Digital Signature
A public-key cryptographic mechanism that proves the authenticity, integrity and non-repudiation of a message or document.
- cryptography№ 1265
Zero-Knowledge Proof (ZKP)
A cryptographic protocol in which a prover convinces a verifier that a statement is true without revealing anything beyond the validity of the statement itself.
- cryptography№ 109
BLS Signature
A short pairing-based digital signature by Boneh, Lynn, and Shacham (2001) supporting deterministic single signatures and efficient aggregation across many signers.