
Attribute-based signatures from lattices: unbounded attributes and semi-adaptive security

Designs, Codes and Cryptography

Abstract

We construct a lattice-based (key-policy) attribute-based signature (ABS) scheme that supports attributes of unbounded polynomial length: the size of the public parameters is a fixed polynomial in the security parameter and a depth bound, and with these parameters one can generate signatures for attributes of arbitrary length. Our scheme does not rely on NIZKs, and we prove that it is semi-adaptively unforgeable in the standard model; that is, the adversary may announce the challenge attribute after seeing the public parameters but before making any query. Previous approaches either construct selectively unforgeable ABS schemes in the standard model that support only attributes of a-priori bounded polynomial length, or construct adaptively unforgeable ABS schemes that support attributes of unbounded polynomial length but rely on NIZKs. We adapt a technique developed by Brakerski and Vaikuntanathan for constructing lattice-based semi-adaptively secure (key-policy) attribute-based encryption (ABE) with unbounded attribute length. In particular, we use the adapted technique to generate an unbounded number of matrices from the a-priori bounded set of public matrices in the construction, and to program the challenge attribute into the public matrices in our semi-adaptive security proof. Moreover, to handle adaptive signature queries in the semi-adaptive security proof, we employ the traditional partitioning technique from identity-based systems to encode the message to be signed. Re-using and adapting lattice-based ABE techniques and partitioning techniques for lattice-based ABS should not be surprising, since the three settings share many features, especially the ideas behind their security proofs.


Notes

  1. Semi-adaptive security is a weaker notion than adaptive security: the adversary is allowed to announce the challenge attribute after seeing the public parameters but before making any query.

  2. Since a depth-d circuit can have up to \(2^d\) inputs, we can use any polynomial-depth circuit as the policy circuit, regardless of its input length.

  3. We can think of \(\varDelta \) as having super-polynomial length.

References

  1. Agrawal S., Boneh D., Boyen X.: Efficient lattice (H)IBE in the standard model. In: Advances in Cryptology—EUROCRYPT 2010, 29th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Monaco/French Riviera, May 30–June 3, 2010. Proceedings, pp. 553–572 (2010).

  2. Ajtai M.: Generating hard instances of lattice problems (extended abstract). In: Proceedings of the Twenty-Eighth Annual ACM Symposium on the Theory of Computing, Philadelphia, Pennsylvania, USA, May 22–24, 1996, pp. 99–108 (1996).

  3. Banerjee A., Peikert C., Rosen A.: Pseudorandom functions and lattices. In: Pointcheval D., Johansson T. (eds.) Advances in Cryptology—EUROCRYPT 2012—31st Annual International Conference on the Theory and Applications of Cryptographic Techniques, Cambridge, UK, April 15–19, 2012. Proceedings. Lecture Notes in Computer Science, vol. 7237, pp. 719–737. Springer (2012).

  4. Bansarkhani R.E., El Kaafarani A.: Post-quantum attribute-based signatures from lattice assumptions. IACR Cryptol. ePrint Arch. 2016, 823 (2016).


  5. Blum M., Santis A.D., Micali S., Persiano G.: Noninteractive zero-knowledge. SIAM J. Comput. 20(6), 1084–1118 (1991).


  6. Boneh D., Boyen X.: Secure identity based encryption without random oracles. In: Franklin M.K. (ed.) Advances in Cryptology—CRYPTO 2004, 24th Annual International Cryptology Conference, Santa Barbara, California, USA, August 15–19, 2004, Proceedings. Lecture Notes in Computer Science, vol. 3152, pp. 443–459. Springer (2004).

  7. Boneh D., Gentry C., Gorbunov S., Halevi S., Nikolaenko V., Segev G., Vaikuntanathan V., Vinayagamurthy D.: Fully key-homomorphic encryption, arithmetic circuit ABE and compact garbled circuits. In: Advances in Cryptology—EUROCRYPT 2014—33rd Annual International Conference on the Theory and Applications of Cryptographic Techniques, Copenhagen, Denmark, May 11–15, 2014. Proceedings, pp. 533–556 (2014).

  8. Brakerski Z., Cash D., Tsabary R., Wee H.: Targeted homomorphic attribute-based encryption. In: Theory of Cryptography—14th International Conference, TCC 2016-B, Beijing, China, October 31–November 3, 2016, Proceedings, Part II, pp. 330–360 (2016).

  9. Brakerski Z., Langlois A., Peikert C., Regev O., Stehlé D.: Classical hardness of learning with errors. In: Boneh D., Roughgarden T., Feigenbaum J. (eds.) Symposium on Theory of Computing Conference, STOC’13, Palo Alto, CA, USA, June 1–4, 2013, pp. 575–584. ACM (2013).

  10. Brakerski Z., Vaikuntanathan V.: Constrained key-homomorphic PRFs from standard lattice assumptions—or: how to secretly embed a circuit in your PRF. In: Theory of Cryptography—12th Theory of Cryptography Conference, TCC 2015, Warsaw, Poland, March 23–25, 2015, Proceedings, Part II, pp. 1–30 (2015).

  11. Brakerski Z., Vaikuntanathan V.: Circuit-ABE from LWE: unbounded attributes and semi-adaptive security. In: Robshaw M., Katz J. (eds.) Advances in Cryptology—CRYPTO 2016—36th Annual International Cryptology Conference, Santa Barbara, CA, USA, August 14–18, 2016, Proceedings, Part III. Lecture Notes in Computer Science, vol. 9816, pp. 363–384. Springer (2016).

  12. Chen J., Wee H.: Semi-adaptive attribute-based encryption and improved delegation for Boolean formula. In: Abdalla M., Prisco R.D. (eds.) Security and Cryptography for Networks—9th International Conference, SCN 2014, Amalfi, Italy, September 3–5, 2014. Proceedings. Lecture Notes in Computer Science, vol. 8642, pp. 277–297. Springer (2014).

  13. Datta P., Okamoto T., Takashima K.: Efficient attribute-based signatures for unbounded arithmetic branching programs. In: Lin D., Sako K. (eds.) Public-Key Cryptography—PKC 2019—22nd IACR International Conference on Practice and Theory of Public-Key Cryptography, Beijing, China, April 14–17, 2019, Proceedings, Part I, Lecture Notes in Computer Science, vol. 11442, pp. 127–158. Springer (2019).

  14. El Kaafarani A., Katsumata S.: Attribute-based signatures for unbounded circuits in the ROM and efficient instantiations from lattices. In: Abdalla M., Dahab R. (eds.) Public-Key Cryptography—PKC 2018—21st IACR International Conference on Practice and Theory of Public-Key Cryptography, Rio de Janeiro, Brazil, March 25–29, 2018, Proceedings, Part II. Lecture Notes in Computer Science, vol. 10770, pp. 89–119. Springer (2018).

  15. Gentry C., Peikert C., Vaikuntanathan V.: Trapdoors for hard lattices and new cryptographic constructions. In: Proceedings of the 40th Annual ACM Symposium on Theory of Computing, Victoria, British Columbia, Canada, May 17–20, 2008, pp. 197–206 (2008).

  16. Gentry C., Sahai A., Waters B.: Homomorphic encryption from learning with errors: conceptually-simpler, asymptotically-faster, attribute-based. In: Advances in Cryptology—CRYPTO 2013—33rd Annual Cryptology Conference, Santa Barbara, CA, USA, August 18–22, 2013. Proceedings, Part I, pp. 75–92 (2013).

  17. Gorbunov S., Vaikuntanathan V., Wichs D.: Leveled fully homomorphic signatures from standard lattices. In: Servedio R.A., Rubinfeld R. (eds.) Proceedings of the Forty-Seventh Annual ACM on Symposium on Theory of Computing, STOC 2015, Portland, OR, USA, June 14–17, 2015, pp. 469–477. ACM (2015).

  18. Katsumata S., Yamada S.: Group signatures without NIZK: from lattices in the standard model. In: Ishai Y., Rijmen V. (eds.) Advances in Cryptology—EUROCRYPT 2019—38th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Darmstadt, Germany, May 19–23, 2019, Proceedings, Part III. Lecture Notes in Computer Science, vol. 11478, pp. 312–344. Springer (2019).

  19. Maji H.K., Prabhakaran M., Rosulek M.: Attribute-based signatures: achieving attribute-privacy and collusion-resistance. IACR Cryptol. ePrint Arch. 2008, 328 (2008).


  20. Maji H.K., Prabhakaran M., Rosulek M.: Attribute-based signatures. In: Kiayias A. (ed.) Topics in Cryptology—CT-RSA 2011—The Cryptographers’ Track at the RSA Conference 2011, San Francisco, CA, USA, February 14–18, 2011. Proceedings. Lecture Notes in Computer Science, vol. 6558, pp. 376–392. Springer (2011).

  21. Micciancio D., Peikert C.: Trapdoors for lattices: simpler, tighter, faster, smaller. In: Advances in Cryptology—EUROCRYPT 2012—31st Annual International Conference on the Theory and Applications of Cryptographic Techniques, Cambridge, UK, April 15–19, 2012. Proceedings, pp. 700–718 (2012).

  22. Micciancio D., Regev O.: Worst-case to average-case reductions based on Gaussian measures. In: 45th Symposium on Foundations of Computer Science (FOCS 2004), 17–19 October 2004, Rome, Italy, Proceedings, pp. 372–381. IEEE Computer Society (2004).

  23. Okamoto T., Takashima K.: Decentralized attribute-based signatures. In: Kurosawa K., Hanaoka G. (eds.) Public-Key Cryptography—PKC 2013—16th International Conference on Practice and Theory in Public-Key Cryptography, Nara, Japan, February 26–March 1, 2013. Proceedings. Lecture Notes in Computer Science, vol. 7778, pp. 125–142. Springer (2013).

  24. Peikert C., Shiehian S.: Noninteractive zero knowledge for NP from (plain) learning with errors. In: Boldyreva A., Micciancio D. (eds.) Advances in Cryptology—CRYPTO 2019—39th Annual International Cryptology Conference, Santa Barbara, CA, USA, August 18–22, 2019, Proceedings, Part I. Lecture Notes in Computer Science, vol. 11692, pp. 89–114. Springer (2019).

  25. Sakai Y., Attrapadung N., Hanaoka G.: Attribute-based signatures for circuits from bilinear map. In: Cheng C., Chung K., Persiano G., Yang B. (eds.) Public-Key Cryptography—PKC 2016—19th IACR International Conference on Practice and Theory in Public-Key Cryptography, Taipei, Taiwan, March 6–9, 2016, Proceedings, Part I. Lecture Notes in Computer Science, vol. 9614, pp. 283–300. Springer (2016).

  26. Shahandashti S.F., Safavi-Naini R.: Threshold attribute-based signatures and their application to anonymous credential systems. In: Preneel B. (ed.) Progress in Cryptology—AFRICACRYPT 2009, Second International Conference on Cryptology in Africa, Gammarth, Tunisia, June 21–25, 2009. Proceedings. Lecture Notes in Computer Science, vol. 5580, pp. 198–216. Springer (2009).

  27. Tsabary R.: An equivalence between attribute-based signatures and homomorphic signatures, and new constructions for both. In: Kalai Y., Reyzin L. (eds.) Theory of Cryptography—15th International Conference, TCC 2017, Baltimore, MD, USA, November 12–15, 2017, Proceedings, Part II. Lecture Notes in Computer Science, vol. 10678, pp. 489–518. Springer (2017).

  28. Waters B.: Efficient identity-based encryption without random oracles. In: Cramer R. (ed.) Advances in Cryptology—EUROCRYPT 2005, 24th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Aarhus, Denmark, May 22–26, 2005, Proceedings. Lecture Notes in Computer Science, vol. 3494, pp. 114–127. Springer (2005).

  29. Yamada S.: Asymptotically compact adaptively secure lattice IBEs and verifiable random functions via generalized partitioning techniques. In: Katz J., Shacham H. (eds.) Advances in Cryptology—CRYPTO 2017—37th Annual International Cryptology Conference, Santa Barbara, CA, USA, August 20–24, 2017, Proceedings, Part III. Lecture Notes in Computer Science, vol. 10403, pp. 161–193. Springer (2017).

  30. Zhang J., Chen Y., Zhang Z.: Programmable hash functions from lattices: short signatures and IBEs with small key sizes. In: Robshaw M., Katz J. (eds.) Advances in Cryptology—CRYPTO 2016—36th Annual International Cryptology Conference, Santa Barbara, CA, USA, August 14–18, 2016, Proceedings, Part III. Lecture Notes in Computer Science, vol. 9816, pp. 303–332. Springer (2016).


Author information

Corresponding author

Correspondence to Fucai Luo.

Ethics declarations

Conflict of interest

The authors declare that they have no conflict of interest.

Ethical approval

This article does not contain any studies with human participants or animals performed by any of the authors.

Additional information

Communicated by R. Steinfeld.

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Cite this article

Luo, F., Al-Kuwari, S. Attribute-based signatures from lattices: unbounded attributes and semi-adaptive security. Des. Codes Cryptogr. 90, 1157–1177 (2022). https://doi.org/10.1007/s10623-022-01027-1
