Xiaojun Zhang,Chunxiang Xu,Chunhua Jin,Run Xie

DOI: https://doi.org/10.1016/j.compeleceng.2013.12.003

IF: 4.152

2014-01-01

Computers & Electrical Engineering

Abstract:All regular cryptographic schemes rely on the security of the secret key. However, with the explosive use of some relatively insecure mobile devices, the key exposure problem has become more aggravated. In this paper, we propose an efficient forward secure identity-based signature (FSIBS) scheme from lattice assumption, with its security based on the small integer solution problem (SIS) in the random oracle model. Our scheme can guarantee the unforgeability of the past signatures even if the current signing secret key is revealed. Moreover, the signature size and the secret key size of our scheme are unchanged and much shorter. To the best of our knowledge, our construction is the first FSIBS scheme based on lattice which can resist quantum attack. Furthermore, we extend our FSIBS scheme to a forward secure identity-based signature scheme in the standard model.

Faguo Wu,Wang Yao,Xiao Zhang,Zhiming Zheng

DOI: https://doi.org/10.1007/s11042-018-6330-9

IF: 2.577

2018-01-01

Multimedia Tools and Applications

Abstract:Identity-based signature schemes enable any pair of users to communicate securely and to verify each other’s identity without exchanging private or public keys, without keeping key directories, and without using the services of a third party. Such paradigms are very suitable for an emerging scenario of Multimedia Social Networks (MSNs), in which there are a large number of users, dynamic interaction and huge content sharing. A revocable identity-based signature(RIBS) scheme, proposed by Tsai et al., provides a revocation mechanism for controlling user’s access dynamically. To capture a realistic and efficient scenario, In 2017, XiaoYing Jia et al. introduced an additional important component, called Cloud Revocation Server(CRS), where most of the computations needed during key-updates are of loaded to the CRS. With the surprising development of quantum computation technology in recent years, IBS schemes mentioned above, based on conventional number theory problem, would become vulnerable. Recently, lattice-based cryptography schemes were proved to be secure against quantum attacks. Although such efficient RIBS scheme based on Computational Diffle-Hellam Problem(CDH) assumption has been proposed, all the lattice-based RIBS do not achieve this realistic and efficient property. In this paper, we propose the first lattice-based RIBS with outsourced Cloud Service Provider(CSP). In our scheme, a user’s private key is composed of both an partial private key and a time update key. The time update key is periodically updated by CSP and is transmitted over a public channel. Based on the hardness assumption of Short Integer Solution (SIS), we demonstrate that the proposed lattice-based RIBS scheme with outsourced revocation in cloud computing provides existential unforgeability against adaptive chosen-message attacks in the random oracle. As compared to the existing IBS schemes over lattices, our RIBS scheme has better performance in terms of energy consumption, signature size, signing key size, and the revocation mechanism with public channels. As the underlying lattice problem is intractable even for quantum computers, our scheme would work well in the quantum age.

Miaomiao Tian,Liusheng Huang

DOI: https://doi.org/10.1504/ijesdf.2013.054403

2013-01-01

International Journal of Electronic Security and Digital Forensics

Abstract:Lattice-based hierarchical identity-based signature HIBS schemes are receiving significant attention due to provable security reductions and potential security for quantum computers. However, most of the existing HIBS schemes based on lattices are less efficient for practical applications. To make lattice-based HIBS schemes become more practical, this paper presents an efficient HIBS scheme from lattices. Both the secret key size and the signature length of our proposal are much shorter than those of other lattice-based HIBS proposals. Our scheme is proven to be strongly unforgeable against adaptive identity attacks in the random oracle model. The security of the construction relies on the standard short integer solution SIS assumption.

Xiaojun Zhang,Chunxiang Xu,Yuan Zhang

DOI: https://doi.org/10.3837/tiis.2017.05.025

2017-01-01

KSII Transactions on Internet and Information Systems

Abstract:A fuzzy identity based signature (FIBS) scheme allows a signer with identity omega to generate a signature which could be verified under identity omega' if and only if omega and omega' are within a certain distance of each other as judged by some metric. In this paper, we propose an efficient FIBS scheme from lattice assumption, which can resist quantum-computer attacks. Without using the Bonsai Tree technique, we utilize the lattice basis delegation technique to generate the private key, which has the advantage of keeping the lattice dimension invariant. We also prove that our proposed scheme is existentially unforgeable under an adaptive chosen message and identity attack in the random oracle model. Compared with existing scheme, our proposed scheme is much more efficient, especially in terms of communication overhead. Since our FIBS scheme possesses similar error-tolerance property, it can be well applied in post-quantum communication biometric authentication environments, where biometric identifiers such as fingerprints, voice, iris and gait are used in human identification.

Xinjian Chen,Qiong Huang,Hongbo Li,Zhijian Liao,Willy Susilo

DOI: https://doi.org/10.1016/j.tcs.2022.08.022

IF: 1.002

2022-01-01

Theoretical Computer Science

Abstract:Multi-signature is an important technology to compress multiple signatures on the common message into a compact one, thereby reducing the consumption of storage space and transmission bandwidth. Such a cryptographic primitive is widely used in financial applications such as blockchain which requires multiple keys to authorize a transaction. With the advent of quantum computers, traditional multi-signature schemes may no longer be secure as their underlying security assumptions (e.g. RSA or discrete logarithm problems) may not hold anymore. In this paper, we propose a novel identity-based multi-signature (IBMS) scheme over NTRU lattices, which is secure against the attacks of quantum computers. To the best of our knowledge, it is the first lattice-based IBMS scheme. We show that our scheme is provably secure in the random oracle model based on the ring version of the short integer solution assumption (Ring-SIS). Compared with the closely related works in the literature, our scheme enables the signer to select its system identity (such as email address, physical IP address, and etc.) as the public key, which effectively alleviates the certificate management problem in the PKI setting, and takes the advantage of discrete Gaussian distribution instead of uniform distribution to generate secret signing keys and multi-signatures. Besides, our scheme does not require all the system users to setup a trusted common string, which further simplifies the deployment of our scheme in practice.

Miaomiao Tian,Liusheng Huang

DOI: https://doi.org/10.3233/FI-2016-1353

2016-01-01

Fundamenta Informaticae

Abstract:Identity-based signature is an important technique for light-weight authentication. Recently, many efforts have been made to construct identity-based signatures over lattice assumptions since they would remain secure in future quantum age. In this paper we present a new identity-based signature scheme from lattice problems. This scheme is more efficient than other lattice-based identity-based signature schemes in terms of both computation and communication complexities. We prove its security in the random oracle model under short integer solution assumption that is as hard as approximating several worst-case lattice problems. We also extend the scheme to an identity-based message recovery signature scheme that has better performance.

Congge Xie,Jian Weng,Dehua Zhou

DOI: https://doi.org/10.1016/j.ins.2022.02.027

IF: 8.1

2022-05-01

Information Sciences

Abstract:Fully homomorphic signature schemes in identity-based settings can provide authenticity, homomorphism, and non-repudiation as do traditional digital signatures, while simplifying the public key infrastructure (PKI) requirements, in which each user in the system can use his or her identity as a public key. As identity-based systems (IBS) have a natural link between unique identity information and the user, allowing user revocation is usually more difficult in IBS than in PKI settings. Although several revocable identity-based fully homomorphic signature (RIBFHS) schemes have been proposed, these schemes are vulnerable to signing key exposure. With this study, we are the first to consider a realistic threat signing key exposure in RIBFHS systems. In addition, we introduce a new security definition of RIBFHS with signing key exposure resistance. Then, we employ Agrawal’s left–right lattices and delegation technology in fixed dimensions to construct a new RIBFHS scheme over the lattice with regularly broadcasted update keys, which not only resists signing key exposure, but also meets scalability and context hiding properties. Finally, we prove that our construction is existentially unforgeable against chosen message attacks under the standard short integer solution (SIS) assumption in the random oracle model.

computer science, information systems

Miaomiao Tian,Liusheng Huang,Wei Yang

2012-01-01

Abstract:Hierarchical identity-based signature (HIBS), which plays an important role in large communities, is a generalization of identity-based signature (IBS). In this paper, we present a new HIBS scheme from lattices without random oracles. The new scheme is proven to be strongly unforgeable against selective identity attacks under the standard hardness assumption of the short integer solution (SIS) problem. Furthermore, the secret key size and the signature length of our scheme are both invariant and much shorter than those of the previous lattice-based HIBS schemes. To the best of our knowledge, our construction is the flrst short lattice-based HIBS scheme in the standard model.

Renjie Jin,Longjiang Qu,Rongmao Chen,Zhichao Yang,Yi Wang

DOI: https://doi.org/10.1016/j.ins.2023.120083

IF: 8.1

2024-01-05

Information Sciences

Abstract:The Internet of Things (IoT) is gaining popularity as it can effectively connect the real world with the Internet. However, security and privacy issues are widely considered the major obstructions to its widespread adoption. Hence, various cryptographic tools (e.g., encryption and signature schemes) have been proposed to build secure and authenticated channels for data communication in IoT. In this work, we investigate the well-known encryption scheme called identity-based encryption (IBE) for IoT-oriented applications. In particular, we are mainly interested in forward-secure IBE (fs-IBE) which could still protect the data transferred in the past when the current secret key stored in the IoT device is stolen. To this end, we propose an fs-IBE scheme which, as far as we know, is the first construction of fs-IBE that can resist quantum attacks. Our scheme is based on the lattice-based hardness assumption namely Learning with Error (LWE), which is widely adopted for designing other quantum-resistant cryptographic schemes. At the core of our design is the minimal cover mechanism in the context of binary tree and we rigorously prove the security of our scheme in the forward-secure, selective ID, chosen-plaintext attack (CPA) model. Besides the post-quantum security, our scheme enjoys comparatively compact ciphertext and secret key, and thus it is suitable for bandwidth-limited IoT communication.

computer science, information systems

BaoHong Li,YanZhi Liu,Sai Yang

DOI: https://doi.org/10.1109/icebe.2018.00062

2018-01-01

Abstract:Universal designated verifier signatures can be used to resolve the conflict between authenticity and privacy in some applications. However, all of existing constructions for this primitive are based on hard problems in number theory, and will be ultimately broken in quantum era. To address this issue, we construct the first lattice-based universal designated verifier signatures as a post-quantum candidate for this primitive. Our construction is obtained by directly extending a ring-based variant of the Gentry-Peikert-Vaikuntanathan signature scheme with some additional algorithms, thus the existing key generation and signing implementation can be used without modification. We also show that our construction is provably secure under the Small Integer Solution problem over rings, in the random oracle model.

Yiming Li,Shengli Liu

DOI: https://doi.org/10.3233/jcs-220121

2024-01-01

Journal of Computer Security

Abstract:Identity-based chameleon hash (IBCH) is a cryptographic primitive with nice properties. IBCH equips each user with a trapdoor and the hash values can be publicly evaluated w.r.t. the identity of any user. On the one hand, it is hard to find collisions for the hash values without the user’s trapdoor. On the other hand, with the help of the user’s trapdoor, finding collisions becomes easy. An important application of IBCH is to upgrade an identity-based signature (IBS) scheme to an on-line/off-line identity-based signature (OO-IBS) scheme. OO-IBS is a useful tool to provide authenticity in lightweight smart devices, since it only involves light on-line computations and does not need key certificate. Up to now, there are many IBCH constructions from traditional number-theoretic assumptions like RSA, CDH, etc. However, none of the existing IBCH schemes achieve the post-quantum security in the standard model. In this paper, we propose a new IBCH scheme from lattices. The security of our IBCH is reduced to a well-accepted lattice-based assumption – the Short Integer Solution (SIS) assumption in the standard model. Our work provides the first post-quantum solution to IBCH in the standard model.

Miaomiao Tian,Liusheng Huang

DOI: https://doi.org/10.3233/FI-2016-1353

2016-01-01

Fundamenta Informaticae

Abstract:Identity-based signature is an important technique for light-weight authentication. Recently, many efforts have been made to construct identity-based signatures over lattice assumptions since they would remain secure in future quantum age. In this paper we present a new identity-based signature scheme from lattice problems. This scheme is more efficient than other lattice-based identity-based signature schemes in terms of both computation and communication complexities. We prove its security in the random oracle model under short integer solution assumption that is as hard as approximating several worst-case lattice problems. We also extend the scheme to an identity-based message recovery signature scheme that has better performance.

Xiao Zhang,Faguo Wu,Wang Yao,Wenhua Wang,Zhiming Zheng

DOI: https://doi.org/10.32604/cmc.2020.08008

2020-01-01

Abstract:Blockchain is an emerging decentralized architecture and distributed computing paradigm underlying Bitcoin and other cryptocurrencies, and has recently attracted intensive attention from governments, financial institutions, high-tech enterprises, and the capital markets. Its cryptographic security relies on asymmetric cryptography, such as ECC, RSA. However, with the surprising development of quantum technology, asymmetric cryptography schemes mentioned above would become vulnerable. Recently, lattice-based cryptography scheme was proposed to be secure against attacks in the quantum era. In 2018, with the aid of Bonsai Trees technology, Yin et al. [Yin, Wen, Li et al. (2018)] proposed a lattice-based authentication method which can extend a lattice space to multiple lattice spaces accompanied by the corresponding key. Although their scheme has theoretical significance, it is unpractical in actual situation due to extremely large key size and signature size. In this paper, aiming at tackling the critical issue of transaction size, we propose a post quantum blockchain over lattice. By using SampleMat and signature without trapdoor, we can reduce the key size and signature size of our transaction authentication approach by a significant amount. Instead of using a whole set of vectors as a basis, we can use only one vector and rotate it enough times to form a basis. Based on the hardness assumption of Short Integer Solution (SIS), we demonstrate that the proposed anti-quantum transaction authentication scheme over lattice provides existential unforgeability against adaptive chosen-message attacks in the random oracle. As compared to the Yin et al. [Yin, Wen, Li et al. (2018)] scheme, our scheme has better performance in terms of energy consumption, signature size and signing key size. As the underlying lattice problem is intractable even for quantum computers, our scheme would work well in the quantum age.

Jianhua Yan,Licheng Wang,Mianxiong Dong,Yixian Yang,Wenbin Yao

DOI: https://doi.org/10.1002/sec.1297

IF: 1.968

2015-01-01

Security and Communication Networks

Abstract:Signcryption as a cryptographic primitive can carry out signature and encryption simultaneously at a remarkably reduced cost. Identity-based cryptography is more convenient than public key infrastructure-based cryptography in certificate management. As a result, identity-based signcryption has been studied extensively, and many efficient and provably secure constructions have been proposed. However, most of these schemes are based on intractability assumptions from number theory, and these assumptions have been threatened by the booming quantum computation. Therefore, a recent trend in cryptography is to construct cryptosystems that are based on lattice-based intractability assumptions because of their plausible features of quantum attack resistance. In this paper, several identity-based signcryption schemes from lattice hardness assumptions are proposed. In the standard model, these schemes are indistinguishable against inner adaptively chosen ciphertext attacks (IND-CCA2) and strongly unforgeable against inner chosen message attacks. In our construction, it does not matter whether the original encryption scheme used to construct signcryption is deterministic or probabilistic; the resulted signcryption schemes can reach IND-CCA2 security. To achieve this, we carefully combine three techniques-the identity-based encryption from lattice due to Agrawal-Boneh-Boyen (EUROCRYPT 2010), the framework of lattice-based short signature due to Boyen (Public Key Cryptography 2010), and the Canetti-Halevi-Katz (abbr. CHK) technique, with necessary and tailored optimization-for transforming an (l + 1)-level indistinguishable under chosen plaintext attack secure hierarchical identity-based encryption (HIBE) into an l level IND-CCA2 secure HIBE scheme. In addition, our security proof also contains a more efficient simulation tool that might have separate interest in cryptographic applications. Copyright (C) 2015 John Wiley & Sons, Ltd.

Hong Zhao,Yan-yan Han,Shuhan Yu,Kaili Dou

DOI: https://doi.org/10.1117/12.2685750

2023-08-15

Abstract:The certificateless cryptography solves the certificate management and key escrow problems in the Internet of Things. However, these schemes are no longer safe in the quantum environment. Lattice cryptography has become the main method to solve quantum security. At present, only a few lattice-based certificateless signature schemes have been proposed and the use of the trapdoor function limits the efficiency of the lattice cryptography, and the security of these schemes can only reach existential unforgeability. We construct a lattice-based certificateless signature scheme based on Lyubashevsky's signature scheme. The security of our scheme can reach strong unforgeability and the computational efficiency of our scheme is lower than the previous schemes.

Computer Science,Engineering

Fengxia Liu,Zhiyong Zheng,Zixian Gong,Kun Tian,Yi Zhang,Zhe Hu,Jia Li,Qun Xu

DOI: https://doi.org/10.1186/s42400-023-00198-1

2024-04-04

Abstract:Lattice-based digital signature has become one of the widely recognized post-quantum algorithms because of its simple algebraic operation, rich mathematical foundation and worst-case security, and also an important tool for constructing cryptography. This survey explores lattice-based digital signatures, a promising post-quantum resistant alternative to traditional schemes relying on factoring or discrete logarithm problems, which face increasing risks from quantum computing. The study covers conventional paradigms like Hash-and-Sign and Fiat-Shamir, as well as specialized applications including group, ring, blind, and proxy signatures. It analyzes the versatility and security strengths of lattice-based schemes, providing practical insights. Each chapter summarizes advancements in schemes, identifying emerging trends. We also pinpoint future directions to deploy lattice-based digital signatures including quantum cryptography.

Simin Chen,Jiageng Chen

DOI: https://doi.org/10.1016/j.heliyon.2023.e14917

IF: 3.776

2023-03-28

Heliyon

Abstract:Group signatures allow users to sign messages on behalf of a group without revealing authority is capable of identifying the user who generated it. However, the exposure of the user's signing key will severely damage the group signature scheme. In order to reduce the loss caused by signing key leakage, Song proposed the first forward-secure group signature. If a group signing key is revealed at the current time period, the previous signing key will not be affected. This means that the attacker cannot forge group signatures regarding messages signed in the past. To resist quantum attacks, many lattice-based forward-secure group signatures have been proposed. However, their key-update algorithm is expensive since they require some costly computations such as the Hermite normal form (HNF) operations and conversion from a full-rank set of lattice vectors into a basis. In this paper, we propose the group signature with forward security from lattice. In comparison with previous works, we have several advantages: Firstly, our scheme is more effective since we only need to sample some vectors independently from a discrete Gaussian during the key-update algorithm. Secondly, the derived secret key size is linear instead of quadratic with the lattice dimensions, which is more friendly towards lightweight applications. Anonymous authentication plays an increasingly critical role in protecting privacy and security in the environment where private information could be collected for intelligent analysis. Our work contributes to the anonymous authentication in the post-quantum setting, which has wide potential applications in the IoT environment.

Jiang Zhang,Yu Chen,Zhenfeng Zhang

DOI: https://doi.org/10.1007/s00145-023-09488-w

2023-12-01

Journal of Cryptology

Abstract:Driven by the open problem raised by Hofheinz and Kiltz (J Cryptol 25(3):484–527, 2012), we study the formalization of lattice-based programmable hash function (PHF) and give three types of concrete constructions by using several techniques such as a novel combination of cover-free sets and lattice trapdoors. Under the inhomogeneous small integer solution (ISIS) assumption, we show that any (non-trivial) lattice-based PHF is a collision-resistant hash function, which gives a direct application of this new primitive. We further demonstrate the power of lattice-based PHF by giving generic constructions of signature and identity-based encryption (IBE) in the standard model, which not only provide a way to unify several previous lattice-based schemes using the partitioning proof techniques, but also allow us to obtain new short signature schemes and IBE schemes from (ideal) lattices. Specifically, by instantiating the generic constructions with our Type-II and Type-III PHF constructions, we immediately obtain two short signatures and two IBE schemes with asymptotically much shorter keys. A major downside which inherits from our Type-II and Type-III PHF constructions is that we can only prove the security of the new signatures and IBEs in the bounded security model that the number Q of the adversary's queries is required to be known in advance. Another downside is that the computational time of our new signatures and IBEs is a linear function of Q , which is large for typical parameters. To overcome the above limitations, we also give a refined way of using Type-II and Type-III PHFs to construct lattice-based short signatures with short verification keys in the full security model. In particular, our methods depart from the confined guessing technique of Böhl et al. (Eurocrypt'13) that was used to construct previous standard model short signature schemes with short verification keys by Ducas and Micciancio (Crypto'14) and by Alperin-Sheriff (PKC'15) and allow us to achieve much tighter security from weaker hardness assumptions.

computer science, theory & methods,engineering, electrical & electronic,mathematics, applied

Faguo Wu,Wang Yao,Xiao Zhang,Wenhua Wang,Zhiming Zheng

DOI: https://doi.org/10.1002/dac.3867

2019-01-01

International Journal of Communication Systems

Abstract:Proxy signature scheme is an important cryptographic primitive, for an entity can delegate his signing right to another entity. Although identity-based proxy signature schemes based on conventional number-theoretic problems have been proposed for a long time, the researchers have paid less attention to lattice-based proxy signature schemes that can resist quantum attack. In this paper, we first propose an identity-based proxy signature scheme over Number Theory Research Unit (NTRU)-lattice. We proved that the proposed paradigm is secure under the hardness of the gamma-shortest vector problem on the NTRU lattice in random oracle model; furthermore, the comparison with some existing schemes shows our scheme is more efficient in terms of proxy signature secret key size, proxy signature size, and computation complexity. As the elemental problem of the proposed scheme is difficult even for quantum computation model, our scheme can work well in quantum age.

Bao-Hong Li,Hongping Zhao,Jiacheng Li

DOI: https://doi.org/10.1145/3424978.3425018

2020-01-01

Abstract:We present a lattice-based concurrent signature construction as a post-quantum solution to fair exchange of digital signatures. Our construction has the following two desirable features: (1) it is adaptively secure in the standard model, that is, its security does not rely on the random oracle assumption, and (2) it achieves anonymity, a stronger security notion than ambiguity. That is, before the release of the keystone, from a third party's point of view, a signature in our construction could be generated by anyone, not just limited to two parties involved in the exchange. We obtain these results by applying a novel idea to the lattice-based signatures due to Boyen.