Jie Cai,Han Jiang,Hao Wang,Qiuliang Xu

DOI: https://doi.org/10.1155/2020/8857815

IF: 1.968

2020-10-28

Security and Communication Networks

Abstract:In this paper, we design a new lattice-based linearly homomorphic signature scheme over F 2 . The existing schemes are all constructed based on hash-and-sign lattice-based signature framework, where the implementation of preimage sampling function is Gaussian sampling, and the use of trapdoor basis needs a larger dimension m ≥ 5 n log q . Hence, they cannot resist potential side-channel attacks and have larger sizes of public key and signature. Under Fiat–Shamir with aborting signature framework and general SIS problem restricted condition m ≥ n log q , we use uniform sampling of filtering technology to design the scheme, and then, our scheme has a smaller public key size and signature size than the existing schemes and it can resist side-channel attacks.

computer science, information systems,telecommunications

Hong Zhao,Yan-yan Han,Shuhan Yu,Kaili Dou

DOI: https://doi.org/10.1117/12.2685750

2023-08-15

Abstract:The certificateless cryptography solves the certificate management and key escrow problems in the Internet of Things. However, these schemes are no longer safe in the quantum environment. Lattice cryptography has become the main method to solve quantum security. At present, only a few lattice-based certificateless signature schemes have been proposed and the use of the trapdoor function limits the efficiency of the lattice cryptography, and the security of these schemes can only reach existential unforgeability. We construct a lattice-based certificateless signature scheme based on Lyubashevsky's signature scheme. The security of our scheme can reach strong unforgeability and the computational efficiency of our scheme is lower than the previous schemes.

Computer Science,Engineering

OUYANG Weiping,MA Chunguang,LI Zengpeng,DU Gang

DOI: https://doi.org/10.11990/jheu.201602046

2017-01-01

Abstract:To construct a homomorphic scheme that supports the homomorphic computation of signatures in certain signature sets on arbitrary circuits, we used trapdoor sampling technology to construct a leveled fully homomorphic signature scheme based on the AND and XOR gates, which can support homomorphic computation on arbitrary cir-cuits. In addition, the size of the new signature is independent of the circuit size and initial signature sizes, but de-pends on the depth of the circuits and security parameters. We verified the security of this scheme using the random oracle model based on the difficulty of finding small integer solutions ( SIS) in lattices. Users can conduct leveled homomorphic computation on a designated signature set despite not knowing the secret key. Published research has also focused on linear and polynomial homomorphic schemes.

Xuan Zhou,Yuan Tian,Weidong Zhong,Tanping Zhou,Xiaoyuan Yang

DOI: https://doi.org/10.7717/peerj-cs.1978

2024-03-28

PeerJ Computer Science

Abstract:Linearly homomorphic signature (LHS) allows the acquisition of a new legal signature using the homomorphic operation of the original signatures. However, the public composability of LHS also prevents it from being used in some scenarios where the combiner needs to be designated. The LZZ22 scheme designates a combiner and preserves the signature structure by having the signer and the designated combiner share a secret. However, LZZ22 is not secure enough because the secret is constant. Here, we first prove that there is a polynomial time adversary that can crack the secret in LZZ22 through multiple signature queries. Then, we propose a new scheme, which realizes all the functions of LZZ22 and fixes the security problem by changing the secret with the message. The proposed scheme is shown to be secure against existential forgery on adaptively chosen subspace attacks under the random oracle model. Finally, we detail how to apply our scheme to the proxy signature and perform it on a personal computer, and the results show that our scheme is efficient.

computer science, information systems, artificial intelligence, theory & methods

Jiaxin Pan,Benedikt Wagner

DOI: https://doi.org/10.1007/978-3-030-81293-5_19

2021-01-01

Abstract:We construct a short and adaptively secure identity-based signature scheme tightly based on the well-known Short Integer Solution (SIS) assumption. Although identity-based signature schemes can be tightly constructed from either standard signature schemes against adaptive corruptions in the multi-user setting or a two-level hierarchical identity-based encryption scheme, neither of them is known with short signature size and tight security based on the SIS assumption. Here “short” means the signature size is independent of the message length, which is in contrast to the tree-based (tight) signatures.Our approach consists of two steps: Firstly, we give two generic transformations (one with random oracles and the other without) from non-adaptively secure identity-based signature schemes to adaptively secure ones tightly. Our idea extends the similar transformation for digital signature schemes. Secondly, we construct a non-adaptively secure identity-based signature scheme based on the SIS assumption in the random oracle model.

Jia Xie,Yupu Hu,Juntao Gao,Wen Gao,Mingming Jiang

DOI: https://doi.org/10.3837/tiis.2016.10.030

2016-01-01

KSII Transactions on Internet and Information Systems

Abstract:Because of the advantages of certificateless and no escrow feature over the regular signature and identity-based signature, certificateless signature has been widely applied in e-business, e-government and software security since it was proposed in 2003. Although a number of certificateless signature schemes have been proposed, there is only one lattice-based certificateless signature scheme which is still secure in the quantum era. But its efficiency is not very satisfactory. In this paper, the first certificateless signature scheme on NTRU lattice is proposed, which is proven to be secure in random oracle model. Moreover, the efficiency of the new scheme is higher than that of the only one lattice-based certificateless signature.

Chi Zhang

2024-09-13

Abstract:Lattices have many significant applications in cryptography. In 2021, the $p$-adic signature scheme and public-key encryption cryptosystem were introduced. They are based on the Longest Vector Problem (LVP) and the Closest Vector Problem (CVP) in $p$-adic lattices. These problems are considered to be challenging and there are no known deterministic polynomial time algorithms to solve them. In this paper, we improve the LVP algorithm in local fields. The modified LVP algorithm is a deterministic polynomial time algorithm when the field is totally ramified and $p$ is a polynomial in the rank of the input lattice. We utilize this algorithm to attack the above schemes so that we are able to forge a valid signature of any message and decrypt any ciphertext. Although these schemes are broken, this work does not mean that $p$-adic lattices are not suitable in constructing cryptographic primitives. We propose some possible modifications to avoid our attack at the end of this paper.

Cryptography and Security,Number Theory

Fengxia Liu,Zhiyong Zheng,Zixian Gong,Kun Tian,Yi Zhang,Zhe Hu,Jia Li,Qun Xu

DOI: https://doi.org/10.1186/s42400-023-00198-1

2024-04-04

Abstract:Lattice-based digital signature has become one of the widely recognized post-quantum algorithms because of its simple algebraic operation, rich mathematical foundation and worst-case security, and also an important tool for constructing cryptography. This survey explores lattice-based digital signatures, a promising post-quantum resistant alternative to traditional schemes relying on factoring or discrete logarithm problems, which face increasing risks from quantum computing. The study covers conventional paradigms like Hash-and-Sign and Fiat-Shamir, as well as specialized applications including group, ring, blind, and proxy signatures. It analyzes the versatility and security strengths of lattice-based schemes, providing practical insights. Each chapter summarizes advancements in schemes, identifying emerging trends. We also pinpoint future directions to deploy lattice-based digital signatures including quantum cryptography.

Shangping Wang,Ru zhao

DOI: https://doi.org/10.48550/arXiv.1405.3177

2014-05-13

Abstract:On the basis of the signatures scheme without trapdoors from lattice, which is proposed by Vadim Lyubashevsky in 2012, we present a new ring signature scheme from lattice. The proposed ring signature scheme is an extension of the signatures scheme without trapdoors. We proved that our scheme is strongly unforgeable against adaptive chosen message in the random oracle model, and proved that the security of our scheme can be reduced to the hardness of the small integer solution (SIS) problem by rejection samplings. Compared with the existing lattice-based ring signature schemes, our new scheme is more efficient and with shorter signature length.

Cryptography and Security

Jianhua Yan,Licheng Wang,Lihua Wang,Yixian Yang,Wenbin Yao

DOI: https://doi.org/10.1155/2013/702539

IF: 1.43

2013-01-01

Mathematical Problems in Engineering

Abstract:Signcryption is a cryptographic primitive that can perform digital signature and public encryption simultaneously at a significantly reduced cost. This advantage makes it highly useful in many applications. However, most existing signcryption schemes are seriously challenged by the booming of quantum computations. As an interesting stepping stone in the post-quantum cryptographic community, two lattice-based signcryption schemes were proposed recently. But both of them were merely proved to be secure in the random oracle models. Therefore, the main contribution of this paper is to propose a new lattice-based signcryption scheme that can be proved to be secure in the standard model.

Jianhua Yan,Licheng Wang,Mianxiong Dong,Yixian Yang,Wenbin Yao

DOI: https://doi.org/10.1002/sec.1297

IF: 1.968

2015-01-01

Security and Communication Networks

Abstract:Signcryption as a cryptographic primitive can carry out signature and encryption simultaneously at a remarkably reduced cost. Identity-based cryptography is more convenient than public key infrastructure-based cryptography in certificate management. As a result, identity-based signcryption has been studied extensively, and many efficient and provably secure constructions have been proposed. However, most of these schemes are based on intractability assumptions from number theory, and these assumptions have been threatened by the booming quantum computation. Therefore, a recent trend in cryptography is to construct cryptosystems that are based on lattice-based intractability assumptions because of their plausible features of quantum attack resistance. In this paper, several identity-based signcryption schemes from lattice hardness assumptions are proposed. In the standard model, these schemes are indistinguishable against inner adaptively chosen ciphertext attacks (IND-CCA2) and strongly unforgeable against inner chosen message attacks. In our construction, it does not matter whether the original encryption scheme used to construct signcryption is deterministic or probabilistic; the resulted signcryption schemes can reach IND-CCA2 security. To achieve this, we carefully combine three techniques-the identity-based encryption from lattice due to Agrawal-Boneh-Boyen (EUROCRYPT 2010), the framework of lattice-based short signature due to Boyen (Public Key Cryptography 2010), and the Canetti-Halevi-Katz (abbr. CHK) technique, with necessary and tailored optimization-for transforming an (l + 1)-level indistinguishable under chosen plaintext attack secure hierarchical identity-based encryption (HIBE) into an l level IND-CCA2 secure HIBE scheme. In addition, our security proof also contains a more efficient simulation tool that might have separate interest in cryptographic applications. Copyright (C) 2015 John Wiley & Sons, Ltd.

Yongli Tang,Feifei Xia,Qing Ye,Mengyao Wang,Ruijie Mu,Xiaohang Zhang

DOI: https://doi.org/10.1155/2021/9992414

IF: 1.968

2021-09-16

Security and Communication Networks

Abstract:Although most existing linkable ring signature schemes on lattice can effectively resist quantum attacks, they still have the disadvantages of excessive time and storage overhead. This paper constructs an identity-based linkable ring signature (LRS) scheme over NTRU lattice by employing the technologies of trapdoor generation and rejection sampling. The security of this scheme relies on the small integer solution (SIS) problem on NTRU lattice. We prove that this scheme has unconditional anonymity, unforgeability, and linkability under the random oracle model (ROM). Through the performance analysis, this scheme has a shorter size of public/private keys, and when the number of ring members is small (such as N ≤ 8 ), this scheme has a shorter signature size compared with other existing latest lattice-based LRS schemes. The computational efficiency of signature has also been further improved since it only involves multiplication in the polynomial ring and modular operations of small integers. Finally, we implemented our scheme and other similar schemes, and it is shown that the time for the signature generation and verification of this scheme decreases roughly by 44.951% and 33.503%, respectively.

computer science, information systems,telecommunications

Mingxing Hu,Weijiong Zhang,Zhen Liu

DOI: https://doi.org/10.48550/arXiv.2206.12093

2022-06-24

Abstract:Ring signatures enable a user to sign messages on behalf of an arbitrary set of users, called the ring, without revealing exactly which member of that ring actually generated the signature. The signer-anonymity property makes ring signatures have been an active research topic. Recently, Park and Sealfon (CRYPTO 19) presented an important anonymity notion named signer-unclaimability and constructed a lattice-based ring signature scheme with unclaimable anonymity in the standard model, however, it did not consider the unforgeable w.r.t. adversarially-chosen-key attack (the public key ring of a signature may contain keys created by an adversary) and the signature size grows quadratically in the size of ring and message. In this work, we propose a new lattice-based ring signature scheme with unclaimable anonymity in the standard model. In particular, our work improves the security and efficiency of Park and Sealfons work, which is unforgeable w.r.t. adversarially-chosen-key attack, and the ring signature size grows linearly in the ring size.

Cryptography and Security

Fengtong Wen,Jianing Kang

DOI: https://doi.org/10.1109/ECNCT63103.2024.10704287

2024-07-19

Abstract:In today's privacy-conscious world, considering the possible problems of duplicate voting and duplicate payments in voting systems, payment systems and other application scenarios, linked ring signature (LRS) is a reliable option to ensure the need for anonymity. At the same time, to ensure that LRS can effectively defend against potential future security threats such as quantum computers, we propose an improved identity-based linkable ring signature scheme named LDLRS. This scheme uses the lattice structure and the short integer solution (SIS) problem on the lattice, and constructs an efficient and secure ring signature scheme by using the techniques of preimage sampling and reject sampling. After that, we provide the security proof of LDLRS to ensure the security of the scheme in theory. Finally, by analyzing the computational cost, we demonstrate the efficiency advantages of LDLRS in signature generation and verification compared with existing schemes.

Mathematics,Computer Science

Xinjian Chen,Qiong Huang,Hongbo Li,Zhijian Liao,Willy Susilo

DOI: https://doi.org/10.1016/j.tcs.2022.08.022

IF: 1.002

2022-01-01

Theoretical Computer Science

Abstract:Multi-signature is an important technology to compress multiple signatures on the common message into a compact one, thereby reducing the consumption of storage space and transmission bandwidth. Such a cryptographic primitive is widely used in financial applications such as blockchain which requires multiple keys to authorize a transaction. With the advent of quantum computers, traditional multi-signature schemes may no longer be secure as their underlying security assumptions (e.g. RSA or discrete logarithm problems) may not hold anymore. In this paper, we propose a novel identity-based multi-signature (IBMS) scheme over NTRU lattices, which is secure against the attacks of quantum computers. To the best of our knowledge, it is the first lattice-based IBMS scheme. We show that our scheme is provably secure in the random oracle model based on the ring version of the short integer solution assumption (Ring-SIS). Compared with the closely related works in the literature, our scheme enables the signer to select its system identity (such as email address, physical IP address, and etc.) as the public key, which effectively alleviates the certificate management problem in the PKI setting, and takes the advantage of discrete Gaussian distribution instead of uniform distribution to generate secret signing keys and multi-signatures. Besides, our scheme does not require all the system users to setup a trusted common string, which further simplifies the deployment of our scheme in practice.

Liu, Feng-Hao

DOI: https://doi.org/10.1007/s10623-024-01523-6

IF: 1.4

2024-11-25

Designs Codes and Cryptography

Abstract:Achieving tight security is a fundamental task in cryptography. While one of the most important purposes of this task is to improve the overall efficiency of a construction (by allowing smaller security parameters), many current lattice-based instantiations do not completely achieve the goal. Particularly, a super-polynomial modulus seems to be necessary in all prior work for (almost) tight schemes that allow the adversary to conduct queries, such as PRF, IBE, and Signatures. As the super-polynomial modulus would affect the noise-to-modulus ratio and thus increase the parameters, this might cancel out the advantages (in efficiency) brought from the tighter analysis. To determine the full power of tight security/analysis in lattices, it is necessary to determine whether the super-polynomial modulus restriction is inherent. In this work, we remove the super-polynomial modulus restriction for many important primitives—PRF, IBE, all-but-many Lossy Trapdoor Functions, and Signatures. The crux relies on an improvement over the framework of Boyen and Li (Asiacrypt 16), and an almost tight reduction from LWE to LWR, which improves prior work by Alwen et al. (Eurocrypt 13), Bogdanov et al. (TCC 16), and Bai et al. (Asiacrypt 15). By combining these two advances, we are able to derive these almost tight schemes under LWE with a polynomial modulus.

mathematics, applied,computer science, theory & methods

Faguo Wu,Xiao Zhang,Wang Yao,Zhiming Zheng,Lipeng Xiang,Wanpeng Li

DOI: https://doi.org/10.3970/cmc.2018.02664

2018-01-01

Abstract:Signature, widely used in cloud environment, describes the work as readily identifying its creator. The existing signature schemes in the literature mostly rely on the Hardness assumption which can be easily solved by quantum algorithm. In this paper, we proposed an advanced quantum-resistant signature scheme for Cloud based on Eisenstein Ring (ETRUS) which ensures our signature scheme proceed in a lattice with higher density. We proved that ETRUS highly improve the performance of traditional lattice signature schemes. Moreover, the Norm of polynomials decreases significantly in ETRUS which can effectively reduce the amount of polynomials convolution calculation. Furthermore, storage complexity of ETRUS is smaller than classical ones. Finally, according to all convolution of ETRUS enjoy lower degree polynomials, our scheme appropriately accelerate 56.37% speed without reducing its security level.

Huy Quoc Le,Dung Hoang Duong,Willy Susilo,Ha Thanh Nguyen Tran,Viet Cuong Trinh,Josef Pieprzyk,Thomas Plantard

DOI: https://doi.org/10.48550/arXiv.2007.06884

2020-07-14

Abstract:Blind signatures play an important role in both electronic cash and electronic voting systems. Blind signatures should be secure against various attacks (such as signature forgeries). The work puts a special attention to secret key exposure attacks, which totally break digital signatures. Signatures that resist secret key exposure attacks are called forward secure in the sense that disclosure of a current secret key does not compromise past secret keys. This means that forward-secure signatures must include a mechanism for secret-key evolution over time periods. This paper gives a construction of the first blind signature that is forward secure. The construction is based on the SIS assumption in the lattice setting. The core techniques applied are the binary tree data structure for the time periods and the trapdoor delegation for the key-evolution mechanism.

Cryptography and Security

Qun Lin,Hongyang Yan,Zhengan Huang,Wenbin Chen,Jian Shen,Yi Tang

DOI: https://doi.org/10.1109/access.2018.2809426

IF: 3.9

2018-01-01

IEEE Access

Abstract:Identity-based cryptosystems mean that public keys can be directly derived from user identifiers, such as telephone numbers, email addresses, and social insurance number, and so on. So they can simplify key management procedures of certificate-based public key infrastructures and can be used to realize authentication in blockchain. Linearly homomorphic signature schemes allow to perform linear computations on authenticated data. And the correctness of the computation can be publicly verified. Although a series of homomorphic signature schemes have been designed recently, there are few homomorphic signature schemes designed in identity-based cryptography. In this paper, we construct a new ID-based linear homomorphic signature scheme, which avoids the shortcomings of the use of public-key certificates. The scheme is proved secure against existential forgery on adaptively chosen message and ID attack under the random oracle model. The ID-based linearly homomorphic signature schemes can be applied in e-business and cloud computing. Finally, we show how to apply it to realize authentication in blockchain.

computer science, information systems,telecommunications,engineering, electrical & electronic

Yan Ren,Haipeng Guan,Qiuxia Zhao

DOI: https://doi.org/10.1007/s12652-021-03092-1

IF: 3.662

2021-03-16

Journal of Ambient Intelligence and Humanized Computing

Abstract:In this paper, we propose a novel lattice-based linkable ring signature scheme based on the Borromean ring signature. In our scheme, to avoid the extra overhead caused by reject sampling that used in the existing schemes, we use an exact indistinguishable distribution to replace it. Using our method, signature will be successfully generated without repeating, so the size of the signature can be reduced. Furthermore, our scheme can be extended to multiple layers easily. We also propose a lattice-based multilayer linkable ring signature scheme which can be use for transactions with multiple inputs. Then, we prove that our scheme has unforgeability, anonymity, linkability and non-slanderability that a linkable ring signature scheme should have. Efficiency analysis shows that our scheme has a smaller signature size under the same security conditions.

computer science, information systems,telecommunications, artificial intelligence