
Lattice-based group signature with verifier-local revocation

  • Wen Gao (高 雯)
  • Yupu Hu (胡予濮)
  • Yanhua Zhang (张彦华)
  • Baocang Wang (王保仓)
Article

Abstract

Among the post-quantum primitives proposed in the past few decades, lattice-based cryptography is considered the most promising, owing to its rich underlying combinatorial structure and its worst-case to average-case reductions. The first lattice-based group signature scheme with verifier-local revocation (VLR), put forward by Langlois et al., is treated as the first quantum-resistant scheme supporting member revocation. This VLR group signature (VLR-GS) has a group public key size of O(nm log N log q) and a signature size of O(tm log N log q log β). Nguyen et al. constructed a simple, efficient group signature from lattices, with significant advantages in the bit-size of both the group public key and the signature. Based on their work, we present a VLR-GS scheme with a group public key size of O(nm log q) and a signature size of O(tm log q). Our group signature has notable advantages: it supports membership revocation, and both its public key and its signatures are short.

Keywords

lattice-based, member revocation, digital signature

CLC number

TP 309 


References

  1. CHAUM D, HEYST E. Group signatures [C]//Advances in Cryptology (EUROCRYPT '91). Berlin Heidelberg: Springer, 1991: 257–265.
  2. ATENIESE G, CAMENISCH J, JOYE M, et al. A practical and provably secure coalition-resistant group signature scheme [C]//Advances in Cryptology (CRYPTO 2000). Berlin Heidelberg: Springer, 2000: 255–270.
  3. BONEH D, BOYEN X, SHACHAM H. Short group signatures [C]//Advances in Cryptology: CRYPTO 2004. Berlin Heidelberg: Springer, 2004: 41–55.
  4. BONEH D, SHACHAM H. Group signatures with verifier-local revocation [C]//Proceedings of 11th ACM Conference on Computer and Communications Security. New York, USA: ACM, 2004: 168–177.
  5. LIBERT B, PETERS T, YUNG M. Group signatures with almost-for-free revocation [C]//Advances in Cryptology: CRYPTO 2012. Berlin Heidelberg: Springer, 2012: 571–589.
  6. SHOR P W. Polynomial-time algorithms for prime factorization and discrete logarithms on a quantum computer [J]. SIAM Journal on Computing, 1997, 26(5): 1484–1509.
  7. PHONG Q N, ZHANG J, ZHANG Z F. Simpler efficient group signatures from lattices [C]//Public-Key Cryptography (PKC) 2015. Berlin Heidelberg: Springer, 2015: 401–426.
  8. LANGLOIS A, LING S, NGUYEN K, et al. Lattice-based group signature scheme with verifier-local revocation [C]//Proceedings of 17th International Conference on Practice and Theory in Public-Key Cryptography. Berlin Heidelberg: Springer, 2014: 345–361.
  9. BONEH D, SHACHAM H. Group signatures with verifier-local revocation [C]//Proceedings of 11th ACM Conference on Computer and Communications Security. New York, USA: ACM, 2004: 168–177.
  10. NAKANISHI T, FUNABIKI N. Verifier-local revocation group signature schemes with backward unlinkability from bilinear maps [C]//Advances in Cryptology: ASIACRYPT 2005. Berlin Heidelberg: Springer, 2005: 533–548.
  11. BICHSEL P, CAMENISCH J, NEVEN G, et al. Get shorty via group signatures without encryption [J]. Security and Cryptography for Networks, 2010, 6280: 381–398.
  12. GORDON S D, KATZ J, VAIKUNTANATHAN V. A group signature scheme from lattice assumptions [C]//Advances in Cryptology: ASIACRYPT 2010. Berlin Heidelberg: Springer, 2010: 395–412.
  13. GENTRY C, PEIKERT C, VAIKUNTANATHAN V. Trapdoors for hard lattices and new cryptographic constructions [C]//Proceedings of the 40th Annual ACM Symposium on Theory of Computing. New York, USA: ACM, 2008: 197–206.
  14. REGEV O. On lattices, learning with errors, random linear codes, and cryptography [C]//Proceedings of the 37th ACM Symposium on Theory of Computing. New York, USA: ACM, 2005: 84–93.
  15. MICCIANCIO D, VADHAN S. Statistical zero-knowledge proofs with efficient provers: lattice problems and more [C]//Advances in Cryptology: CRYPTO 2003. Berlin Heidelberg: Springer, 2003: 282–298.
  16. CAMENISCH J, NEVEN G, RÜCKERT M. Fully anonymous attribute tokens from lattices [J]. LNCS: Security and Cryptography for Networks, 2012, 7485: 57–75.
  17. LAGUILLAUMIE F, LANGLOIS A, LIBERT B, et al. Lattice-based group signatures with logarithmic signature size [C]//Advances in Cryptology: ASIACRYPT 2013. Berlin Heidelberg: Springer, 2013: 41–61.
  18. LING S, NGUYEN K, STEHLÉ D, et al. Improved zero-knowledge proofs of knowledge for the ISIS problem, and applications [C]//Proceedings of 16th International Conference on Practice and Theory in Public-Key Cryptography. Berlin Heidelberg: Springer, 2013: 107–124.
  19. AJTAI M. Generating hard instances of lattice problems (extended abstract) [C]//Proceedings of the 28th annual ACM Symposium on Theory of Computing. New York, USA: ACM, 1996: 99–108.
  20. ALWEN J, PEIKERT C. Generating shorter bases for hard random lattices [C]//Proceedings of 26th International Symposium on Theoretical Aspects of Computer Science. Schloss Dagstuhl, Germany: IBFI, 2009: 75–86.
  21. MICCIANCIO D, PEIKERT C. Trapdoors for lattices: Simpler, tighter, faster, smaller [C]//Advances in Cryptology: EUROCRYPT 2012. Berlin Heidelberg: Springer, 2012: 700–718.
  22. BELLARE M, NEVEN G. Multi-signatures in the plain public-key model and a general forking lemma [C]//Proceedings of the 13th ACM Conference on Computer and Communications Security. New York, USA: ACM, 2006: 390–399.
  23. MICCIANCIO D, REGEV O. Worst-case to average-case reductions based on gaussian measures [J]. SIAM Journal on Computing, 2007, 37(1): 267–302.
  24. LYUBASHEVSKY V. Lattice signatures without trapdoors [C]//Advances in Cryptology: EUROCRYPT 2012. Berlin Heidelberg: Springer, 2012: 738–755.

Copyright information

© Shanghai Jiaotong University and Springer-Verlag Berlin Heidelberg 2017

Authors and Affiliations

  • Wen Gao (高 雯)
    • 1
  • Yupu Hu (胡予濮)
    • 1
  • Yanhua Zhang (张彦华)
    • 1
  • Baocang Wang (王保仓)
    • 1
  1. State Key Laboratory of Integrated Service Networks, Xidian University, Xi’an, China
