Hierarchical Ring Signatures Immune to Randomness Injection Attacks

We propose a modification of the hierarchical-ring-signature scheme, which may be regarded as an extension to a regular ring signature scheme. The scheme is defined over a structure of nodes, where each node is a root of its own tree, and its anonymity-set spans over all its leaf nodes. Our modified construction is resistant to an exposure of randomness from a signing device, on any level of the hierarchy. The proposed scheme is provably secure in a stronger security model, in which we allow a forger to inject the randomness into the signing device. We define the scheme to be secure if such an injection, will not give any advantage to the adversary and does not lead to a fresh forgery. The proposed scheme can be applied in scenarios with untrusted hardware, or weak pseudo-random number generators.