Jie Cai,Han Jiang,Hao Wang,Qiuliang Xu

DOI: https://doi.org/10.1155/2020/8857815

IF: 1.968

2020-10-28

Security and Communication Networks

Abstract:In this paper, we design a new lattice-based linearly homomorphic signature scheme over F 2 . The existing schemes are all constructed based on hash-and-sign lattice-based signature framework, where the implementation of preimage sampling function is Gaussian sampling, and the use of trapdoor basis needs a larger dimension m ≥ 5 n log q . Hence, they cannot resist potential side-channel attacks and have larger sizes of public key and signature. Under Fiat–Shamir with aborting signature framework and general SIS problem restricted condition m ≥ n log q , we use uniform sampling of filtering technology to design the scheme, and then, our scheme has a smaller public key size and signature size than the existing schemes and it can resist side-channel attacks.

computer science, information systems,telecommunications

TIAN Miao-Miao,HUANG Liu-Sheng,YANG Wei

DOI: https://doi.org/10.3724/sp.j.1016.2012.00712

2012-01-01

Chinese Journal of Computers

Abstract:An efficient and secure ring signature scheme has a number of important applications.In this paper,we present a new lattice-based ring signature scheme and prove its security in the standard model.The proposed scheme is strongly unforgeable against adaptive chosen message attacks under the standard small integer solution(SIS) assumption.Compared with the existing lattice-based ring signature schemes without random oracles,our new scheme enjoys shorter signature length,high efficiency and stronger security.

Hong Zhao,Yan-yan Han,Shuhan Yu,Kaili Dou

DOI: https://doi.org/10.1117/12.2685750

2023-08-15

Abstract:The certificateless cryptography solves the certificate management and key escrow problems in the Internet of Things. However, these schemes are no longer safe in the quantum environment. Lattice cryptography has become the main method to solve quantum security. At present, only a few lattice-based certificateless signature schemes have been proposed and the use of the trapdoor function limits the efficiency of the lattice cryptography, and the security of these schemes can only reach existential unforgeability. We construct a lattice-based certificateless signature scheme based on Lyubashevsky's signature scheme. The security of our scheme can reach strong unforgeability and the computational efficiency of our scheme is lower than the previous schemes.

Computer Science,Engineering

OUYANG Weiping,MA Chunguang,LI Zengpeng,DU Gang

DOI: https://doi.org/10.11990/jheu.201602046

2017-01-01

Abstract:To construct a homomorphic scheme that supports the homomorphic computation of signatures in certain signature sets on arbitrary circuits, we used trapdoor sampling technology to construct a leveled fully homomorphic signature scheme based on the AND and XOR gates, which can support homomorphic computation on arbitrary cir-cuits. In addition, the size of the new signature is independent of the circuit size and initial signature sizes, but de-pends on the depth of the circuits and security parameters. We verified the security of this scheme using the random oracle model based on the difficulty of finding small integer solutions ( SIS) in lattices. Users can conduct leveled homomorphic computation on a designated signature set despite not knowing the secret key. Published research has also focused on linear and polynomial homomorphic schemes.

Xuan Zhou,Yuan Tian,Weidong Zhong,Tanping Zhou,Xiaoyuan Yang

DOI: https://doi.org/10.7717/peerj-cs.1978

2024-03-28

PeerJ Computer Science

Abstract:Linearly homomorphic signature (LHS) allows the acquisition of a new legal signature using the homomorphic operation of the original signatures. However, the public composability of LHS also prevents it from being used in some scenarios where the combiner needs to be designated. The LZZ22 scheme designates a combiner and preserves the signature structure by having the signer and the designated combiner share a secret. However, LZZ22 is not secure enough because the secret is constant. Here, we first prove that there is a polynomial time adversary that can crack the secret in LZZ22 through multiple signature queries. Then, we propose a new scheme, which realizes all the functions of LZZ22 and fixes the security problem by changing the secret with the message. The proposed scheme is shown to be secure against existential forgery on adaptively chosen subspace attacks under the random oracle model. Finally, we detail how to apply our scheme to the proxy signature and perform it on a personal computer, and the results show that our scheme is efficient.

computer science, information systems, artificial intelligence, theory & methods

Miaomiao Tian,Liusheng Huang

DOI: https://doi.org/10.3233/FI-2016-1353

2016-01-01

Fundamenta Informaticae

Abstract:Identity-based signature is an important technique for light-weight authentication. Recently, many efforts have been made to construct identity-based signatures over lattice assumptions since they would remain secure in future quantum age. In this paper we present a new identity-based signature scheme from lattice problems. This scheme is more efficient than other lattice-based identity-based signature schemes in terms of both computation and communication complexities. We prove its security in the random oracle model under short integer solution assumption that is as hard as approximating several worst-case lattice problems. We also extend the scheme to an identity-based message recovery signature scheme that has better performance.

Zhenhua Liu,Yupu Hu,Xiangsong Zhang,Fagen Li

DOI: https://doi.org/10.1002/sec.531

IF: 1.968

2012-01-01

Security and Communication Networks

Abstract:ABSTRACTAn identity‐based signature scheme from lattices is constructed. The scheme is obtained from a modification of Agrawal, Boneh, and Boyen's lattice identity‐based encryption scheme. In this construction, we use two distinct trapdoors for finding short bases. One trapdoor enables the real implementation to generate short bases for all lattices. The other trapdoor enables the simulator to generate short bases for all lattices. Furthermore, the generating short bases are used to sample short vectors as signatures. Our scheme is computationally efficient. The scheme's strong unforgeability is proven in the standard model and rests on the hardness of the small integer solution problem. Finally, we extend the basic construction to obtain a hierarchical identity‐based signature scheme. Copyright © 2012 John Wiley & Sons, Ltd.

Yan Xu,Miaomiao Tian,Liusheng Huang,Wei Yang

2014-01-01

Abstract:Recently, Boyen at PKC 2010 proposed a lattice-based signature scheme in the standard model. In this paper, we show that his signature scheme does not satisfy strong unforgeability. In other words, an adversary can produce a new signature for a message M after seeing a signature of the message M. Then we present an improved scheme and prove that the improved scheme satisfies strong unforgeability. Furthermore, the improved signature scheme is as efficient as Boyen’s signature scheme.

liusheng huang,miaomiao tian

DOI: https://doi.org/10.1002/sec.1105

IF: 1.968

2014-01-01

Security and Communication Networks

Abstract:Certificateless signature and certificate-based signature are two attractive replacements of regular signature and identity-based signature because they can alleviate the vexing certificate management problem in regular signatures and can also eliminate the inherent key escrow problem in identity-based signatures. Although a number of certificateless signatures and certificate-based signatures from bilinear pairings have been proposed, their lattice-based counterparts still remain unrealized. In this paper, we present the first constructions of certificateless signature and certificate-based signature from lattices. Both constructions are proven to be secure in the random oracle model under conventional small integer solution assumption that is as hard as approximating several standard lattice problems. Copyright (c) 2014 John Wiley & Sons, Ltd.

Miaomiao Tian,Liusheng Huang

DOI: https://doi.org/10.3233/FI-2016-1353

2016-01-01

Fundamenta Informaticae

Abstract:Identity-based signature is an important technique for light-weight authentication. Recently, many efforts have been made to construct identity-based signatures over lattice assumptions since they would remain secure in future quantum age. In this paper we present a new identity-based signature scheme from lattice problems. This scheme is more efficient than other lattice-based identity-based signature schemes in terms of both computation and communication complexities. We prove its security in the random oracle model under short integer solution assumption that is as hard as approximating several worst-case lattice problems. We also extend the scheme to an identity-based message recovery signature scheme that has better performance.

Xianping Mao,Kefei Chen,Liangliang Wang,Yu Long

DOI: https://doi.org/10.1109/incos.2014.41

2014-01-01

Abstract:Fair exchange is essential in E-commerce, and concurrent signature realizes the fair exchange of digital signatures with removing the requirement of a trusted third party. Multi-party concurrent signature is an extension to the multi-user scenario. The security of existing multi-party concurrent signatures is mostly based on traditional hard problems that could be solved efficiently with quantum algorithms in a post-quantum world. Meanwhile, the lattice-based cryptography is considered to be resistant to quantum attack. Wang et al. proposed a lattice-based multi-party concurrent signature. We give the analysis of their proposed signature scheme and find that it is not secure since an inside adversary can forge the signature. Moreover, the initial signer can produce any signatures, instead of a signature on the original messages, if he is malicious.

Xiaojun Zhang,Chunxiang Xu,Chunhua Jin,Run Xie

DOI: https://doi.org/10.1016/j.compeleceng.2013.12.003

IF: 4.152

2014-01-01

Computers & Electrical Engineering

Abstract:All regular cryptographic schemes rely on the security of the secret key. However, with the explosive use of some relatively insecure mobile devices, the key exposure problem has become more aggravated. In this paper, we propose an efficient forward secure identity-based signature (FSIBS) scheme from lattice assumption, with its security based on the small integer solution problem (SIS) in the random oracle model. Our scheme can guarantee the unforgeability of the past signatures even if the current signing secret key is revealed. Moreover, the signature size and the secret key size of our scheme are unchanged and much shorter. To the best of our knowledge, our construction is the first FSIBS scheme based on lattice which can resist quantum attack. Furthermore, we extend our FSIBS scheme to a forward secure identity-based signature scheme in the standard model.

Mingxing Hu,Zhen Liu

2022-01-01

Abstract:Ring signatures enable a user to sign messages on behalf of an arbitrary set of users, called the ring. The anonymity of the scheme guarantees that the signature does not reveal which member of the ring signed the message. The notion of linkable ring signatures (LRS) is an extension of the concept of ring signatures such that there is a public way of determining whether two signatures have been produced by the same signer. Lattice-based LRS is an important and active research line, since lattice-based cryptography has attracted more attention due to its distinctive features especially the quantum resistant. However, all the existing lattice-based LRS relied on random oracle heuristics, i.e., no lattice-based LRS in the standard model has been introduced so far. In this paper, we present a lattice-based LRS scheme based on the wellstudied standard lattice assumptions (SIS and LWE) in the standard model.

Miaomiao Tian,Liusheng Huang

DOI: https://doi.org/10.1504/ijesdf.2013.054403

2013-01-01

International Journal of Electronic Security and Digital Forensics

Abstract:Lattice-based hierarchical identity-based signature HIBS schemes are receiving significant attention due to provable security reductions and potential security for quantum computers. However, most of the existing HIBS schemes based on lattices are less efficient for practical applications. To make lattice-based HIBS schemes become more practical, this paper presents an efficient HIBS scheme from lattices. Both the secret key size and the signature length of our proposal are much shorter than those of other lattice-based HIBS proposals. Our scheme is proven to be strongly unforgeable against adaptive identity attacks in the random oracle model. The security of the construction relies on the standard short integer solution SIS assumption.

Jiaxin Pan,Benedikt Wagner

DOI: https://doi.org/10.1007/978-3-030-81293-5_19

2021-01-01

Abstract:We construct a short and adaptively secure identity-based signature scheme tightly based on the well-known Short Integer Solution (SIS) assumption. Although identity-based signature schemes can be tightly constructed from either standard signature schemes against adaptive corruptions in the multi-user setting or a two-level hierarchical identity-based encryption scheme, neither of them is known with short signature size and tight security based on the SIS assumption. Here “short” means the signature size is independent of the message length, which is in contrast to the tree-based (tight) signatures.Our approach consists of two steps: Firstly, we give two generic transformations (one with random oracles and the other without) from non-adaptively secure identity-based signature schemes to adaptively secure ones tightly. Our idea extends the similar transformation for digital signature schemes. Secondly, we construct a non-adaptively secure identity-based signature scheme based on the SIS assumption in the random oracle model.

Xiao Zhang,Shengli Liu,Jiaxin Pan,Dawu Gu

DOI: https://doi.org/10.1016/j.tcs.2019.07.015

IF: 1.002

2019-01-01

Theoretical Computer Science

Abstract:In this paper, we study how to construct tightly secure signature scheme against adaptive chosen message attacks in the multi-user setting (i.e., tightly euf-m-cma secure signature) from the learning with errors (LWE) assumptions. More precisely, we propose a modular framework of euf-m-cma secure signature from a weak partial one-time signature (POS) scheme that is secure only against random message attacks in the multi-user setting (i.e., euf-m-rma secure) and possesses imperfect correctness. By instantiating the weak POS with the LWE assumption, we obtain the first LWE-based tightly euf-m-cma secure signature scheme in the multi-user setting. Moreover, we also present an instantiation of the weak POS based on the Subset Sum (SS) assumption, and again we obtain the first almost tightly euf-cma secure signature scheme from the SS assumption in the single-user setting. All our security reductions are tight and without random oracles.

Bao-Hong Li,Hongping Zhao,Jiacheng Li

DOI: https://doi.org/10.1145/3424978.3425018

2020-01-01

Abstract:We present a lattice-based concurrent signature construction as a post-quantum solution to fair exchange of digital signatures. Our construction has the following two desirable features: (1) it is adaptively secure in the standard model, that is, its security does not rely on the random oracle assumption, and (2) it achieves anonymity, a stronger security notion than ambiguity. That is, before the release of the keystone, from a third party's point of view, a signature in our construction could be generated by anyone, not just limited to two parties involved in the exchange. We obtain these results by applying a novel idea to the lattice-based signatures due to Boyen.

Jia Xie,Yupu Hu,Juntao Gao,Wen Gao,Mingming Jiang

DOI: https://doi.org/10.3837/tiis.2016.10.030

2016-01-01

KSII Transactions on Internet and Information Systems

Abstract:Because of the advantages of certificateless and no escrow feature over the regular signature and identity-based signature, certificateless signature has been widely applied in e-business, e-government and software security since it was proposed in 2003. Although a number of certificateless signature schemes have been proposed, there is only one lattice-based certificateless signature scheme which is still secure in the quantum era. But its efficiency is not very satisfactory. In this paper, the first certificateless signature scheme on NTRU lattice is proposed, which is proven to be secure in random oracle model. Moreover, the efficiency of the new scheme is higher than that of the only one lattice-based certificateless signature.

Miaomiao Tian,Liusheng Huang,Wei Yang

2012-01-01

Abstract:Hierarchical identity-based signature (HIBS), which plays an important role in large communities, is a generalization of identity-based signature (IBS). In this paper, we present a new HIBS scheme from lattices without random oracles. The new scheme is proven to be strongly unforgeable against selective identity attacks under the standard hardness assumption of the short integer solution (SIS) problem. Furthermore, the secret key size and the signature length of our scheme are both invariant and much shorter than those of the previous lattice-based HIBS schemes. To the best of our knowledge, our construction is the flrst short lattice-based HIBS scheme in the standard model.

Chi Zhang

2024-09-13

Abstract:Lattices have many significant applications in cryptography. In 2021, the $p$-adic signature scheme and public-key encryption cryptosystem were introduced. They are based on the Longest Vector Problem (LVP) and the Closest Vector Problem (CVP) in $p$-adic lattices. These problems are considered to be challenging and there are no known deterministic polynomial time algorithms to solve them. In this paper, we improve the LVP algorithm in local fields. The modified LVP algorithm is a deterministic polynomial time algorithm when the field is totally ramified and $p$ is a polynomial in the rank of the input lattice. We utilize this algorithm to attack the above schemes so that we are able to forge a valid signature of any message and decrypt any ciphertext. Although these schemes are broken, this work does not mean that $p$-adic lattices are not suitable in constructing cryptographic primitives. We propose some possible modifications to avoid our attack at the end of this paper.

Cryptography and Security,Number Theory