Skip to main content
SpringerLink
Log in

Lattice-Based Group Signatures with Verifier-Local Revocation: Achieving Shorter Key-Sizes and Explicit Traceability with Ease

  • Conference paper
  • First Online:
Cryptology and Network Security (CANS 2019)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 11829))

Included in the following conference series:

Abstract

For lattice-based group signatures (GS) with verifier-local revocation (VLR), it only requires the verifiers to possess up-to-date group information (i.e., a revocation list, RL, consists of a series of revocation tokens for revoked members), but not the signers. The first such scheme was introduced by Langlois et al. in 2014, and subsequently, a full and corrected version (to fix a flaw in the original revocation mechanism) was proposed by Ling et al. in 2018. However, both constructions are within the structure of a Bonsai Tree, and thus features bit-sizes of the group public-key and the member secret-key proportional to \(\log N\), where N is the maximum number of group members. On the other hand, the tracing algorithm for both schemes runs in a linear time in N (i.e., one by one, until the real signer is traced). Therefore for a large group, the tracing algorithm of conventional GS-VLR is not convenient and both lattice-based constructions are not that efficient.

    In this work, we propose a much more efficient lattice-based GS-VLR, which is efficient by saving the \(\mathcal {O}(\log N)\) factor for both bit-sizes of the group public-key and the member secret-key. Moreover, we achieve this result in a relatively simple manner. Starting with Nguyen et al.’s efficient and compact identity-encoding technique in 2015 - which only needs a constant number of matrices to encode the member’s identity, we develop an improved identity-encoding function, and introduce an efficient Stern-type statistical zero-knowledge argument of knowledge (ZKAoK) protocol corresponding to our improved identity-encoding function, which may be of independent cryptographic interest.

    Furthermore, we demonstrate how to equip the obtained lattice-based GS-VLR with explicit traceability (ET) in some simple way. This attractive functionality, only satisfied in the non-VLR constructions, can enable the tracing authority in lattice-based GS-VLR to determine the signer’s real identity in a constant time, independent of N. In the whole process, we show that the proposed scheme is proven secure in the random oracle model (ROM) based on the hardness of the Short Integer Solution (SIS) problem, and the Learning With Errors (LWE) problem.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Agrawal, S., Boneh, D., Boyen, X.: Efficient lattice (H)IBE in the standard model. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 553–572. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-13190-5_28

    Chapter  MATH  Google Scholar 

  2. Ajtai, M.: Generating hard instances of lattice problems (extended abstract). In: STOC, pp. 99–108. ACM (1996). https://doi.org/10.1145/237814.237838

  3. Alwen, J., Peikert, C.: Generating shorter bases for hard random lattices. Theory Comput. Syst. 48(3), 535–553 (2011). https://doi.org/10.1007/s00224-010-9278-3

    Article  MathSciNet  MATH  Google Scholar 

  4. Bellare, M., Micciancio, D., Warinschi, B.: Foundations of group signatures: formal definitions, simplified requirements, and a construction based on general assumptions. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 614–629. Springer, Heidelberg (2003). https://doi.org/10.1007/3-540-39200-9_38

    Chapter  Google Scholar 

  5. Bellare, M., Shi, H., Zhang, C.: Foundations of group signatures: the case of dynamic groups. In: Menezes, A. (ed.) CT-RSA 2005. LNCS, vol. 3376, pp. 136–153. Springer, Heidelberg (2005). https://doi.org/10.1007/978-3-540-30574-3_11

    Chapter  Google Scholar 

  6. Boneh, D., Shacham, H.: Group signatures with verifier-local revocation. In: CCS, pp. 168–177. ACM (2004). https://doi.org/10.1145/1030083.1030106

  7. Bootle, J., Cerulli, A., Chaidos, P., Ghadafi, E., Groth, J.: Foundations of fully dynamic group signatures. In: Manulis, M., Sadeghi, A.-R., Schneider, S. (eds.) ACNS 2016. LNCS, vol. 9696, pp. 117–136. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-39555-5_7

    Chapter  Google Scholar 

  8. Camenisch, J., Neven, G., Rückert, M.: Fully anonymous attribute tokens from lattices. In: Visconti, I., De Prisco, R. (eds.) SCN 2012. LNCS, vol. 7485, pp. 57–75. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-32928-9_4

    Chapter  Google Scholar 

  9. Cash, D., Hofheinz, D., Kiltz, E., Peikert, C.: Bonsai trees, or how to delegate a lattice basis. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 523–552. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-13190-5_27

    Chapter  Google Scholar 

  10. Chaum, D., van Heyst, E.: Group signatures. In: Davies, D.W. (ed.) EUROCRYPT 1991. LNCS, vol. 547, pp. 257–265. Springer, Heidelberg (1991). https://doi.org/10.1007/3-540-46416-6_22

    Chapter  Google Scholar 

  11. Gao, W., Hu, Y., Zhang, Y., Wang, B.: Lattice-Based Group Signature with Verifier-Local Revocation. J. Shanghai JiaoTong Univ. (Sci.) 22(3), 313–321 (2017). https://doi.org/10.1007/s12204-017-1837-1

    Article  Google Scholar 

  12. Gentry, C., Peikert, C., Vaikuntanathan, V.: Trapdoor for hard lattices and new cryptographic constructions. In: STOC, pp. 197–206. ACM (2008) https://doi.org/10.1145/1374376.1374407

  13. Gordon, S.D., Katz, J., Vaikuntanathan, V.: A group signature scheme from lattice assumptions. In: Abe, M. (ed.) ASIACRYPT 2010. LNCS, vol. 6477, pp. 395–412. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-17373-8_23

    Chapter  Google Scholar 

  14. Katsumata, S., Yamada, S.: Group signatures without NIZK: from lattices in the standard model. In: Ishai, Y., Rijmen, V. (eds.) EUROCRYPT 2019. LNCS, vol. 11478, pp. 312–344. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-17659-4_11

    Chapter  Google Scholar 

  15. Kawachi, A., Tanaka, K., Xagawa, K.: Concurrently secure identification schemes based on the worst-case hardness of lattice problems. In: Pieprzyk, J. (ed.) ASIACRYPT 2008. LNCS, vol. 5350, pp. 372–389. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-89255-7_23

    Chapter  Google Scholar 

  16. Kiayias, A., Yung, M.: Secure scalable group signature with dynamic joins and separable authorities. Int. J. Secur. Netw. 1(1/2), 24–45 (2006). https://doi.org/10.1504/ijsn.2006.010821

    Article  Google Scholar 

  17. Laguillaumie, F., Langlois, A., Libert, B., Stehlé, D.: Lattice-based group signatures with logarithmic signature size. In: Sako, K., Sarkar, P. (eds.) ASIACRYPT 2013. LNCS, vol. 8270, pp. 41–61. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-42045-0_3

    Chapter  Google Scholar 

  18. Langlois, A., Ling, S., Nguyen, K., Wang, H.: Lattice-based group signature scheme with verifier-local revocation. In: Krawczyk, H. (ed.) PKC 2014. LNCS, vol. 8383, pp. 345–361. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-642-54631-0_20

    Chapter  Google Scholar 

  19. Libert, B., Ling, S., Mouhartem, F., Nguyen, K., Wang, H.: Signature schemes with efficient protocols and dynamic group signatures from lattice assumptions. In: Cheon, J.H., Takagi, T. (eds.) ASIACRYPT 2016. LNCS, vol. 10032, pp. 373–403. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-53890-6_13

    Chapter  Google Scholar 

  20. Libert, B., Ling, S., Nguyen, K., Wang, H.: Zero-knowledge arguments for lattice-based accumulators: logarithmic-size ring signatures and group signatures without trapdoors. In: Fischlin, M., Coron, J.-S. (eds.) EUROCRYPT 2016. LNCS, vol. 9666, pp. 1–31. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-49896-5_1

    Chapter  Google Scholar 

  21. Libert, B., Mouhartem, F., Nguyen, K.: A lattice-based group signature scheme with message-dependent opening. In: Manulis, M., Sadeghi, A.-R., Schneider, S. (eds.) ACNS 2016. LNCS, vol. 9696, pp. 137–155. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-39555-5_8

    Chapter  Google Scholar 

  22. Ling, S., Nguyen, K., Roux-Langlois, A., Wang, H.: A lattice-based group signature scheme with verifier-local revocation. Theor. Comput. Sci. 730, 1–20 (2018)

    Article  MathSciNet  Google Scholar 

  23. Ling, S., Nguyen, K., Stehlé, D., Wang, H.: Improved zero-knowledge proofs of knowledge for the ISIS problem, and applications. In: Kurosawa, K., Hanaoka, G. (eds.) PKC 2013. LNCS, vol. 7778, pp. 107–124. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-36362-7_8

    Chapter  Google Scholar 

  24. Ling, S., Nguyen, K., Wang, H.: Group signatures from lattices: simpler, tighter, shorter, ring-based. In: Katz, J. (ed.) PKC 2015. LNCS, vol. 9020, pp. 427–449. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-46447-2_19

    Chapter  Google Scholar 

  25. Ling, S., Nguyen, K., Wang, H., Xu, Y.: Constant-size group signatures from lattices. In: Abdalla, M., Dahab, R. (eds.) PKC 2018. LNCS, vol. 10770, pp. 58–88. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-76581-5_3

    Chapter  Google Scholar 

  26. Ling, S., Nguyen, K., Wang, H., Xu, Y.: Forward-secure group signatures from lattices. In: Ding, J., Steinwandt, R. (eds.) PQCrypto 2019. LNCS, vol. 11505, pp. 44–64. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-25510-7_3

    Chapter  Google Scholar 

  27. Ling, S., Nguyen, K., Wang, H., Xu, Y.: Lattice-based group signatures: achieving full dynamicity with ease. In: Gollmann, D., Miyaji, A., Kikuchi, H. (eds.) ACNS 2017. LNCS, vol. 10355, pp. 293–312. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-61204-1_15

    Chapter  Google Scholar 

  28. Micciancio, D., Regev, O.: Worst-case to average-case reductions based on Gaussian measures. SIAM J. Comput. 37(1), 267–302 (2007). https://doi.org/10.1137/s0097539705447360

    Article  MathSciNet  MATH  Google Scholar 

  29. Micciancio, D., Peikert, C.: Hardness of SIS and LWE with small parameters. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013. LNCS, vol. 8042, pp. 21–39. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-40041-4_2

    Chapter  Google Scholar 

  30. Micciancio, D., Peikert, C.: Trapdoors for lattices: simpler, tighter, faster, smaller. In: Pointcheval, D., Johansson, T. (eds.) EUROCRYPT 2012. LNCS, vol. 7237, pp. 700–718. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-29011-4_41

    Chapter  Google Scholar 

  31. Nguyen, P.Q., Zhang, J., Zhang, Z.: Simpler efficient group signatures from lattices. In: Katz, J. (ed.) PKC 2015. LNCS, vol. 9020, pp. 401–426. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-46447-2_18

    Chapter  Google Scholar 

  32. Perera, M.N.S., Koshiba, T.: Achieving strong security and verifier-local revocation for dynamic group signatures from lattice assumptions. In: Katsikas, S.K., Alcaraz, C. (eds.) STM 2018. LNCS, vol. 11091, pp. 3–19. Springer, Cham (2018). https://doi.org/10.1007/978-3-030-01141-3_1

    Chapter  Google Scholar 

  33. Perera, M.N.S., Koshiba, T.: Zero-knowledge proof for lattice-based group signature schemes with verifier-local revocation. In: Barolli, L., Kryvinska, N., Enokido, T., Takizawa, M. (eds.) NBiS 2018. LNDECT, vol. 22, pp. 772–782. Springer, Cham (2019). https://doi.org/10.1007/978-3-319-98530-5_68

    Chapter  Google Scholar 

  34. Regev, O.: On lattices, learning with errors, random linear codes, and cryptography. In: STOC, pp. 84–93. ACM (2005). https://doi.org/10.1145/1060590.1060603

  35. Zhang, Y., Hu, Y., Gao, W., Jiang, M.: Simpler efficient group signature scheme with verifier-local revocation from lattices. KSII Trans. Internet Inf. Syst. 10(1), 414–430 (2016). https://doi.org/10.3837/tiis.2016.01.024

    Article  Google Scholar 

Download references

Acknowledgments

The authors would like to thank the anonymous reviewers of CANS 2019 for their helpful comments and this research is supported by the National Natural Science Foundation of China under Grant 61772477.

Author information

Authors and Affiliations

  1. Zhengzhou University of Light Industry, Zhengzhou, 450002, China

    Yanhua Zhang & Qikun Zhang

  2. Fuzhou University, Fuzhou, 350108, China

    Ximeng Liu

  3. Xidian University, Xi’an, 710071, China

    Yupu Hu

  4. Guangzhou University, Guangzhou, 510006, China

    Huiwen Jia

Authors
  1. Yanhua Zhang
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Ximeng Liu
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Yupu Hu
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Qikun Zhang
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Huiwen Jia
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Yanhua Zhang .

Editor information

Editors and Affiliations

  1. Fujian Normal University, Fuzhou, China

    Yi Mu

  2. Singapore Management University, Singapore, Singapore

    Robert H. Deng

  3. Fujian Normal University, Fuzhou, China

    Xinyi Huang

Rights and permissions

Reprints and permissions

Copyright information

© 2019 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Zhang, Y., Liu, X., Hu, Y., Zhang, Q., Jia, H. (2019). Lattice-Based Group Signatures with Verifier-Local Revocation: Achieving Shorter Key-Sizes and Explicit Traceability with Ease. In: Mu, Y., Deng, R., Huang, X. (eds) Cryptology and Network Security. CANS 2019. Lecture Notes in Computer Science(), vol 11829. Springer, Cham. https://doi.org/10.1007/978-3-030-31578-8_7

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-31578-8_7

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-31577-1

  • Online ISBN: 978-3-030-31578-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation