ISSN 1000-1239 CN 11-1777/TP

计算机研究与发展 ›› 2021, Vol. 58 ›› Issue (3): 583-597.doi: 10.7544/issn1000-1239.2021.20200321

• 信息安全 • 上一篇    下一篇

前向安全的格基代理签名

谢佳1,胡予濮2,江明明3   

  1. 1(河南财经政法大学计算机与信息工程学院 郑州 450046);2(综合业务网理论及关键技术国家重点实验室(西安电子科技大学) 西安 710071);3(淮北师范大学计算机科学与技术学院 安徽淮北 235000) (xiejia199325@163.com)
  • 出版日期: 2021-03-01
  • 基金资助: 
    国家自然科学基金青年科学基金项目(61802110, 61702161);河南省重点研发与推广专项(科技攻关)(202102310195);河南省高等学校重点科研项目(19A413005, 18A520003)

Lattice-Based Forward Secure Proxy Signatures

Xie Jia1, Hu Yupu2, Jiang Mingming3   

  1. 1(College of Computer and Information Engineering, Henan University of Economics and Law, Zhengzhou 450046);2(State Key Laboratory of Integrated Services Networks(Xidian University), Xi’an 710071);3(College of Computer Science and Technology, Huaibei Normal University, Huaibei, Anhui 235000)
  • Online: 2021-03-01
  • Supported by: 
    This work was supported by the National Natural Science Foundation of China for Young Scientists (61802110, 61702161), the Key Research and Development and Promotion Program of Henan Province (Science and Technology) (202102310195), and the Key Research Found for Higher Education of Henan Province (19A413005, 18A520003).

摘要: 顾名思义, 前向安全的代理签名具备前向安全性和可代理性, 因而, 自提出以来, 已被广泛应用在移动通信、电子拍卖等众多应用场景中.目前现有的前向安全的代理签名基本上都是基于离散对数难题亦或是大整数分解问题.而这些问题随着量子计算机逐渐成为现实, 将会变得不再困难.因而, 寻找量子计算环境下前向安全的代理签名已迫在眉睫.现存的量子安全的公钥密码体制有4类, 分别为基于Hash的密码体制、基于编码的密码体制、多变量公钥密码体制以及格公钥密码体制.在这4类公钥密码体制中, 格公钥密码以其量子免疫性, 计算简单高效, 任意实例下的安全性和最坏实例下的安全性相当等优势在近10年得到了快速发展, 并已经取得了显著成就.在格上引入前向安全的代理签名这一概念并给出其安全性模型, 基于格上已知NP困难的小整数解问题(small integer solution, SIS)提出了2个前向安全的格基代理签名.在这2个签名中, 其中1个签名在随机预言机模型下被证明是不可伪造的, 能够抵抗恶意原始签名人和未被授权代理签名人攻击, 且与之前格基代理签名相比较, 以牺牲效率为代价, 达到了实现前向安全性的目的; 另外1个签名在标准模型下是安全的, 且能实现前向安全性.

关键词: 格公钥, 前向安全, 代理, 签名, 不可伪造性

Abstract: With advantages of both forward security and proxy, the forward secure proxy signature has been widely applied in mobile communication and electronic auction since it was proposed. However, most of the existing forward secure proxy signatures are based on the classic number theory problem, such as the problem of discrete logarithms and the problem of factorization, which are no longer secure when the general quantum computers become a reality. So looking for the quantum-immune forward secure proxy signature is much urgent. Among the four quantum-immune public key cryptographies, lattice-based cryptography enters a rapid development period in the last ten years and has got many achievements, having the advantages of quantum-immune, computing simply and efficiently, and the worst-case to average-case security guarantees. In this paper, we firstly introduce the concept and the security model of forward secure proxy signature in lattice-based cryptography, and propose two forward secure proxy lattice-based signature schemes based on the small integer solution problem, which is the NP-hard problem. One is the first lattice-based forward proxy signature in the random oracle model, which is proven secure against the polynomial time adversary(both of the unauthorized proxy signer and the malicious original signer). And the forward security is satisfied at the expense of efficiency. The other is proven unforgeable and forward secure in the standard model, which is also the first lattice-based attempt in the standard model.

Key words: lattice, forward secure, proxy, signature, unforgeable

中图分类号: