Help for testing signature model property

pl flag

I'm new to cryptography and signatures, I've done work that involves a signature model, and now I need to run tests on it.

In this paper [1], a signature model called Linkable Spontaneous Anonymous Group Signature is created. The algorithm is described in the paper, it is capable of creating signatures for groups of public keys. If a signature was created using LSAG, a verifier can verify the correctness of the signature but cannot know which public key is related to it, it only knows that it belongs to a group of public keys. Also, if a private key is used more than once, its generated signatures will be linked, and a verifier may know that the messages were signed by the same private key, but not which public key is related. This sinature model has clear applications in voting systems to avoid double voting and preserve voters' anonymity.

My problem: I managed to run the algorithm and it works correctly. But now I need to test the property cited in the paper as "Theorem 2 (Signer-Ambiguity)". The paper produces a mathematical proof of this in the appendix "C Proof of Theorem 2 (Signer-Ambiguity)". What I need is to understand how I can proceed with formal tests to verify Signer-ambiguity in practice.

Any kind of help would be grateful.

Linkable Spontaneous Anonymous Group Signature for Ad Hoc Groups

I sit in a Tesla and translated this thread with Ai:


Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.