格上基于身份的群签名方案

汤永利; 李元鸿; 张晓航; 叶青

doi:10.7544/issn1000-1239.20210930

格上基于身份的群签名方案

¹(河南理工大学计算机科学与技术学院河南焦作 454003)
²(河南工业和信息化职业学院河南焦作 454003) (yltang@hpu.edu.cn)

基金项目: 国家自然科学基金项目(61802117)；河南省高校科技创新团队支持计划项目(20IRTSTHN013)；河南理工大学青年骨干教师资助计划项目(2018XQG-10)

详细信息

中图分类号: TP309
计量
- 文章访问数: 136
- HTML全文浏览量: 6
- PDF下载量: 78
出版历程
- 发布日期: 2022-11-30

Identity-Based Group Signatures Scheme on Lattice

¹(School of Computer Science and Technology, Henan Polytechnic University, Jiaozuo, Henan 454003)
²(Henan College of Industry & Information Technology, Jiaozuo, Henan 454003)

Funds: This work was supported by the National Natural Science Foundation of China (61802117), the Support Plan of Scientific and Technological Innovation Team in Universities of Henan Province (20IRTSTHN013), and the Youth Backbone Teacher Support Program of Henan Polytechnic University (2018XQG-10).

摘要

摘要: 现有的格上群签名方案，虽然能够有效抵抗量子计算的攻击，但是难以避免用户公钥证书复杂的管理问题.基于格基委派、拒绝采样等技术，将基于身份的加密体制与格上群签名相结合，构造了随机预言模型下的格上基于身份的群签名.首先通过陷门生成算法生成系统主密钥；然后通过格基委派技术提取用户身份信息并获取用户密钥；最后在签名阶段不使用零知识证明，而是采用了拒绝采样算法生成签名，并使用LPR加密算法保证群管理员能够通过追溯密钥打开群签名.安全性分析表明，该方案满足完全匿名性、不可伪造性和完全可追溯性，且能够规约到RSIS和RLWE困难假设.与现有的格上群签名相比，该方案实现了基于身份的功能，并且在存储开销方面具有一定的优势，其中密钥开销减小了约79.6%，签名开销减小了约39.9%.
- 基于身份加密 /
- 格 /
- 群签名 /
- 环上小整数解 /
- 环上容错学习
Abstract: Although the existing group signature schemes on lattice can effectively resist the attacks of quantum computing, it is difficult to avoid the complicated management problem of user’s public key certificate. Based on techniques such as rejection sampling and lattice basis delegation, this paper combines the identity-based encryption with the group signature on lattice to construct an identity-based group signature on lattice in the random oracle model. First of all, the system master key is obtained from the trapdoor generation algorithm; Then, the lattice delegation technology extracts the user’s identity information and obtains the user’s private key. Finally, the signature is generated by using the rejection sampling algorithm instead of the zero-knowledge proof system in the signing stage. Meanwhile, this paper uses the LPR encryption algorithm proposed to ensure that the signature can be opened for group administrator by the traceability key. Security analysis shows that the full anonymity, unforgeability and full traceability of the proposed scheme in this paper can be reduced to the hardness assumptions of RSIS and RLWE. Compared with other group signatures on lattice, the proposed scheme is based on identity-based encryption and has certain advantages in storage overhead. Specifically, the overhead of key and signature are decreased roughly by 79.6%, 39.9%, respectively.
- identity-based encryption /
- lattice /
- group signature /
- RSIS /
- RLWE

HTML全文

参考文献(0)

施引文献(3)

期刊类型引用(2)

1.	邵子豪，霍如，王志浩，倪东，谢人超. 基于区块链的移动群智感知数据处理研究综述. 浙江大学学报(工学版). 2024(06): 1091-1106 . 百度学术
2.	赵贺贺，高鹏飞，张健明. 英式逆拍卖可以提高第三支柱养老保险市场效率吗？. 长沙民政职业技术学院学报. 2023(01): 74-80 . 百度学术