What’s missing here is the proposal how specifically you would want to address preference falsification using the ring signatures. I can only guess, and maybe what I guess is not what you had in mind.
If I am afraid that being associated with X may get me fired, I don’t want to join a “ring” of people who will once in a while write about X. I might get fired simply for associating with the evil X-ers. Or maybe not fired, just… denied a promotion, or ostracized; punished in a plausibly deniable way. And if the partial anonymity would encourage other ring members to post more taboo topics, that only makes it worse for me.
It might be interesting if you could somehow create involuntary rings. Like, select 10 random people in a country, assigned them to the same ring. Then select 10 more, etc, until everyone is a member of one ring. Then, if someone publishes a horrible opinion using your ring, you can complain about the 9 assholes you don’t know and you never met. But at the same time, if e.g. 50% of rings express certain opinion, we know that at least 5% of the population agrees with it.
But I doubt this would work either. First, what is the size of the rings? Too many, e.g. 3 people per ring, make it simple to punish everyone for what their ring publishes. Base probability 33% that they are guilty anyway, and with further clues you can increase it (for example, the other two are too dumb to express the complicated political opinion you wrote). Too much, e.g. 100 people per ring, then even if every ring writes that they endorse X, you can still claim that X is only endorsed by 1% of the population, and can be safely ignored.
Furthermore, most people don’t understand technology, so they wouldn’t know what to do with the private keys. Some people would publish their key, to protest against this method.
What do you mean when you say you don’t want to “join a ‘ring’ of people” who say controversial stuff? That doesn’t line up with the (admittedly weak) understanding of the protocol that I’m getting from wikipedia. Someone just assembles a list of public keys at their leisure, and uses all of them plus their own, to sign a message. The only way to not be implicated is to never have a publicly available key, right?
Uh, maybe I misunderstood it, but reading the Wikipedia article I got an impression that “ring signature” is a signature shared by group of people. Did I miss the point?
You need to have a private key to sign, otherwise it would be useless as a “signature”.
For signing (in the non-ring case), you encrypt with your private key and they decrypt with your public key, whereas in normal encryption (again, non-ring) you encrypt with their public key and they decrypt with their private key.
What’s missing here is the proposal how specifically you would want to address preference falsification using the ring signatures. I can only guess, and maybe what I guess is not what you had in mind.
If I am afraid that being associated with X may get me fired, I don’t want to join a “ring” of people who will once in a while write about X. I might get fired simply for associating with the evil X-ers. Or maybe not fired, just… denied a promotion, or ostracized; punished in a plausibly deniable way. And if the partial anonymity would encourage other ring members to post more taboo topics, that only makes it worse for me.
It might be interesting if you could somehow create involuntary rings. Like, select 10 random people in a country, assigned them to the same ring. Then select 10 more, etc, until everyone is a member of one ring. Then, if someone publishes a horrible opinion using your ring, you can complain about the 9 assholes you don’t know and you never met. But at the same time, if e.g. 50% of rings express certain opinion, we know that at least 5% of the population agrees with it.
But I doubt this would work either. First, what is the size of the rings? Too many, e.g. 3 people per ring, make it simple to punish everyone for what their ring publishes. Base probability 33% that they are guilty anyway, and with further clues you can increase it (for example, the other two are too dumb to express the complicated political opinion you wrote). Too much, e.g. 100 people per ring, then even if every ring writes that they endorse X, you can still claim that X is only endorsed by 1% of the population, and can be safely ignored.
Furthermore, most people don’t understand technology, so they wouldn’t know what to do with the private keys. Some people would publish their key, to protest against this method.
What do you mean when you say you don’t want to “join a ‘ring’ of people” who say controversial stuff? That doesn’t line up with the (admittedly weak) understanding of the protocol that I’m getting from wikipedia. Someone just assembles a list of public keys at their leisure, and uses all of them plus their own, to sign a message. The only way to not be implicated is to never have a publicly available key, right?
Uh, maybe I misunderstood it, but reading the Wikipedia article I got an impression that “ring signature” is a signature shared by group of people. Did I miss the point?
You need to have a private key to sign, otherwise it would be useless as a “signature”.
For signing (in the non-ring case), you encrypt with your private key and they decrypt with your public key, whereas in normal encryption (again, non-ring) you encrypt with their public key and they decrypt with their private key.