CLC number: TP309.2

On-line Access: 2022-06-17

Received: 2020-09-28

Revision Accepted: 2022-07-05

Crosschecked: 2021-03-15

 ORCID:

Yanhua ZHANG

https://orcid.org/0000-0001-7946-5262

Huiwen JIA

https://orcid.org/0000-0002-9289-5918

Frontiers of Information Technology & Electronic Engineering  2022 Vol.23 No.6 P.876-892

http://doi.org/10.1631/FITEE.2000507


Verifier-local revocation group signatures with backward unlinkability from lattices


Author(s):  Yanhua ZHANG, Ximeng LIU, Yupu HU, Yong GAN, Huiwen JIA

Affiliation(s):  College of Computer and Communication Engineering, Zhengzhou University of Light Industry, Zhengzhou 450001, China

Corresponding email(s):   yhzhang@email.zzuli.edu.cn, hwjia@gzhu.edu.cn

Key Words:  Group signature, Lattice-based cryptography, Verifier-local revocation, Backward unlinkability, Short integer solution


Yanhua ZHANG, Ximeng LIU, Yupu HU, Yong GAN, Huiwen JIA. Verifier-local revocation group signatures with backward unlinkability from lattices[J]. Frontiers of Information Technology & Electronic Engineering, 2022, 23(6): 876-892.


%0 Journal Article
%T Verifier-local revocation group signatures with backward unlinkability from lattices
%A Yanhua ZHANG
%A Ximeng LIU
%A Yupu HU
%A Yong GAN
%A Huiwen JIA
%J Frontiers of Information Technology & Electronic Engineering
%V 23
%N 6
%P 876-892
%@ 2095-9184
%D 2022
%I Zhejiang University Press & Springer
%DOI 10.1631/FITEE.2000507



Abstract:
For group signatures (GS) supporting membership revocation, the verifier-local revocation (VLR) mechanism seems to be a more flexible choice, because it requires only that verifiers download up-to-date revocation information for signature verification, and the signers are not involved. As a post-quantum secure counterpart of classical number-theoretic cryptographic constructions, the first lattice-based VLR group signature (VLR-GS) was introduced by Langlois et al. (2014). However, none of the contemporary lattice-based VLR-GS schemes provides backward unlinkability (BU), an important property ensuring that previously issued signatures remain anonymous and unlinkable even after the corresponding signer (i.e., member) is revoked. In this study, we introduce the first lattice-based VLR-GS scheme with BU security (VLR-GS-BU), and thus resolve a prominent open problem posed by previous works. Our new scheme enjoys an O(log N) factor saving for the bit-sizes of the group public-key (GPK) and the member's signing secret-key, and it is free of any public-key encryption. In the random oracle model, our scheme is proven secure under two well-known hardness assumptions: the short integer solution (SIS) problem and the learning with errors (LWE) problem.

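Verifier-local revocation group signatures with backward unlinkability security from lattices

Yanhua ZHANG1, Ximeng LIU2, Yupu HU3, Yong GAN4, Huiwen JIA5
1 College of Computer and Communication Engineering, Zhengzhou University of Light Industry, Zhengzhou 450001, China
2 College of Mathematics and Computer Science, Fuzhou University, Fuzhou 350108, China
3 State Key Laboratory of Integrated Service Networks, Xidian University, Xi'an 710071, China
4 School of Information Engineering, Zhengzhou Institute of Technology, Zhengzhou 450044, China
5 School of Mathematics and Information Science, Guangzhou University, Guangzhou 510006, China
Abstract: Among group signatures with revocable membership, the verifier-local revocation mechanism appears to be a more flexible choice, because during signature verification only the verifier needs to obtain the latest revocation information, and the signer is not involved. As a counterpart to classical number-theoretic constructions, Langlois et al. presented the first post-quantum secure lattice-based verifier-local revocation group signature. However, to date, no lattice-based verifier-local revocation group signature scheme satisfies backward unlinkability, a property that guarantees the anonymity and unlinkability of the signatures a group member produced on messages before being revoked. This paper presents the first lattice-based verifier-local revocation group signature scheme with backward unlinkability security, thereby resolving this open problem. The new scheme saves a factor of O(log N) in the bit-size of the group public key and the group member's signing key, and it uses no public-key encryption. In particular, the new scheme is provably secure in the random oracle model, and its hardness reduces to two classical lattice hardness assumptions, namely the short integer solution problem and the learning with errors problem.

Key words: Group signature; Lattice-based cryptography; Verifier-local revocation; Backward unlinkability; Short integer solution problem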

References

[1]Agrawal S, Boneh D, Boyen X, 2010. Efficient lattice (H)IBE in the standard model. Proc 29th Annual Int Conf on the Theory and Applications of Cryptographic Techniques, p.553-572.

[2]Ajtai M, 1996. Generating hard instances of lattice problems (extended abstract). Proc 28th ACM Symp on Theory of Computing, p.99-108.

[3]Alwen J, Peikert C, 2011. Generating shorter bases for hard random lattices. Theor Comput Syst, 48(3):535-553.

[4]Bellare M, Micciancio D, Warinschi B, 2003. Foundations of group signatures: formal definitions, simplified requirements, and a construction based on general assumptions. Proc 22nd Int Conf on the Theory and Applications of Cryptographic Techniques, p.614-629.

[5]Bellare M, Shi HX, Zhang C, 2005. Foundations of group signatures: the case of dynamic groups. Cryptographers’ Track at the RSA Conf, p.136-153.

[6]Boneh D, Shacham H, 2004. Group signatures with verifier-local revocation. Proc 11th ACM Conf on Computer and Communications Security, p.168-177.

[7]Bootle J, Cerulli A, Chaidos P, et al., 2016. Foundations of fully dynamic group signatures. Proc 14th Int Conf on the Applied Cryptography and Network Security, p.117-136.

[8]Cash D, Hofheinz D, Kiltz E, et al., 2010. Bonsai trees, or how to delegate a lattice basis. Proc 29th Int Conf on the Theory and Applications of Cryptographic Techniques, p.523-552.

[9]Chaum D, van Heyst E, 1991. Group signatures. Workshop on the Theory and Application of Cryptographic Techniques, p.257-265.

[10]Emura K, Hayashi T, 2018. A revocable group signature scheme with scalability from simple assumptions and its implementation. Proc 21st Int Conf on Information Security, p.442-460.

[11]Gao W, Hu YP, Zhang YH, et al., 2017. Lattice-based group signature with verifier-local revocation. J Shanghai Jiao Tong Univ (Sci), 22(3):313-321.

[12]Gentry C, Peikert C, Vaikuntanathan V, 2008. Trapdoors for hard lattices and new cryptographic constructions. Proc 40th Annual ACM Symp on Theory of Computing, p.197-206.

[13]Gordon SD, Katz J, Vaikuntanathan V, 2010. A group signature scheme from lattice assumptions. Proc 16th Int Conf on the Theory and Application of Cryptology and Information Security, p.395-412.

[14]Huang JY, Huang Q, Susilo W, 2020. Leakage-resilient group signature: definitions and constructions. Inform Sci, 509:119-132.

[15]Ishida A, Sakai Y, Emura K, et al., 2018. Fully anonymous group signature with verifier-local revocation. Proc 11th Int Conf on Security and Cryptography for Networks, p.23-42.

[16]Kawachi A, Tanaka K, Xagawa K, 2008. Concurrently secure identification schemes based on the worst-case hardness of lattice problems. Proc 14th Int Conf on the Theory and Application of Cryptology and Information Security, p.372-389.

[17]Langlois A, Ling S, Nguyen K, et al., 2014. Lattice-based group signature scheme with verifier-local revocation. Proc 17th Int Conf on Practice and Theory in Public-Key Cryptography, p.345-361.

[18]Libert B, Vergnaud D, 2009. Group signatures with verifier-local revocation and backward unlinkability in the standard model. Proc 8th Int Conf on Cryptology and Network Security, p.498-517.

[19]Ling S, Nguyen K, Stehlé D, et al., 2013. Improved zero-knowledge proofs of knowledge for the ISIS problem, and applications. Proc 16th Int Conf on Practice and Theory in Public-Key Cryptography, p.107-124.

[20]Ling S, Nguyen K, Roux-Langlois A, et al., 2018. A lattice-based group signature scheme with verifier-local revocation. Theor Comput Sci, 730:1-20.

[21]Micciancio D, Peikert C, 2012. Trapdoors for lattices: simpler, tighter, faster, smaller. Proc 31st Annual Int Conf on the Theory and Applications of Cryptographic Techniques, p.700-718.

[22]Micciancio D, Peikert C, 2013. Hardness of SIS and LWE with small parameters. Proc 33rd Annual Cryptology Conf, p.21-39.

[23]Nakanishi T, Funabiki N, 2005. Verifier-local revocation group signature schemes with backward unlinkability from bilinear maps. Proc 11th Int Conf on the Theory and Application of Cryptology and Information Security, p.533-548.

[24]Nakanishi T, Funabiki N, 2006. A short verifier-local revocation group signature scheme with backward unlinkability. Proc 1st Int Workshop on Security, p.17-32.

[25]Nguyen PQ, Zhang J, Zhang ZF, 2015. Simpler efficient group signatures from lattices. Proc 18th IACR Int Conf on Practice and Theory in Public-Key Cryptography, p.401-426.

[26]Perera MNS, Koshiba T, 2018a. Achieving full security for lattice-based group signatures with verifier-local revocation. Proc 20th Int Conf on Information and Communications Security, p.287-302.

[27]Perera MNS, Koshiba T, 2018b. Zero-knowledge proof for lattice-based group signature schemes with verifier-local revocation. Proc 21st Int Conf on Network-Based Information Systems, p.772-782.

[28]Perera MNS, Koshiba T, 2018c. Achieving strong security and verifier-local revocation for dynamic group signatures from lattice assumptions. Proc 14th Int Conf on Security and Trust Management, p.3-19.

[29]Regev O, 2005. On lattices, learning with errors, random linear codes, and cryptography. Proc 37th Annual ACM Symp on Theory of Computing, p.84-93.

[30]Song DX, 2001. Practical forward secure group signature schemes. Proc 8th ACM Conf on Computer and Communications Security, p.225-234.

[31]Zhang YH, Hu YP, Gao W, et al., 2016. Simpler efficient group signature scheme with verifier-local revocation from lattices. KSII Trans Int Inform Syst, 10(1):414-430.

[32]Zhang YH, Hu YP, Zhang QK, et al., 2019a. On new zero-knowledge proofs for lattice-based group signatures with verifier-local revocation. Proc 22nd Int Conf on Information Security, p.190-208.

[33]Zhang YH, Liu XM, Hu YP, et al., 2019b. Lattice-based group signatures with verifier-local revocation: achieving shorter key-sizes and explicit traceability with ease. Proc 18th Int Conf on Cryptology and Network Security, p.120-140.

Journal of Zhejiang University-SCIENCE, 38 Zheda Road, Hangzhou 310027, China
Tel: +86-571-87952783; E-mail: cjzhang@zju.edu.cn
Copyright © 2000 - 2022 Journal of Zhejiang University-SCIENCE