Signer anonymity is a central feature of ring signatures (RS), which enable a user to sign messages on behalf of an arbitrary set of users, called the ring, without revealing which member of that ring actually generated the signature. Strong, long-term signer ambiguity is a reassuring guarantee for a user hesitating to leak a secret, especially in scenarios such as whistleblowing, where the consequences of identification are dire. RS schemes that aim for long-term signer ambiguity consider the unconditional ambiguity notion, which protects signer ambiguity even against an infinitely powerful adversary. However, the existing works that consider the unconditional ambiguity notion did not capture it comprehensively and strictly, and the existing lattice-based RS constructions analyzed unconditional ambiguity only in the random oracle model. In this paper, we reformalize the unconditional ambiguity notion for RS so that it comprehensively and strictly captures the security requirements imposed by practice. We then propose a lattice-based RS construction with unconditional ambiguity and prove its security (unforgeability and signer ambiguity) in the standard model.