2022, Volume 23, Issue 6
Frontiers of Information Technology & Electronic Engineering >> 2022, Volume 23, Issue 6 doi: 10.1631/FITEE.2000507
Verifier-local revocation group signatures with backward unlinkability from lattices
Affiliation(s): College of Computer and Communication Engineering, Zhengzhou University of Light Industry, Zhengzhou 450001, China; College of Mathematics and Computer Science, Fuzhou University, Fuzhou 350108, China; State Key Laboratory of Integrated Service Networks, Xidian University, Xi’an 710071, China; College of Information Engineering, Zhengzhou University of Technology, Zhengzhou 450044, China; School of Mathematics and Information Science, Guangzhou University, Guangzhou 510006, China; less
Next Previous
Abstract
For (GS) supporting membership revocation, (VLR) mechanism seems to be a more flexible choice, because it requires only that verifiers download up-to-date revocation information for signature verification, and the signers are not involved. As a post-quantum secure cryptographic counterpart of classical number-theoretic cryptographic constructions, the first lattice-based VLR (VLR-GS) was introduced by Langlois et al. (2014). However, none of the contemporary lattice-based VLR-GS schemes provide backward unlinkability (BU), which is an important property to ensure that previously issued signatures remain anonymous and unlinkable even after the corresponding signer (i.e., member) is revoked. In this study, we introduce the first lattice-based VLR-GS scheme with BU security (VLR-GS-BU), and thus resolve a prominent open problem posed by previous works. Our new scheme enjoys an (log) factor saving for bit-sizes of the group public-key (GPK) and the member's signing secret-key, and it is free of any public-key encryption. In the random oracle model, our scheme is proven secure under two well-known hardness assumptions of the (SIS) problem and learning with errors (LWE) problem.
京公网安备 11010502051620号
