Constructions Of Lattice-Based Cryptography With Particular Features

The birth of public key cryptography has set an important milestone in the development of modern cryptography, greatly promoted the prosperity of modern cryptography, and provided a strong guarantee for information security. However, with the prosperity of quantum cryptography, the special computing power based on quantum computer, the public key cryptography will face some new challenges. In other words, once the quantum computer is put into use, the security of the traditional public key cryptography will be completely lost.How to resist the quantum computing attacks become a very urgent problem, which is called cryptography of the post quantum computing era.As one of the representatives of post quantum cryptography, lattice-based cryptography enjoys very attractive advantages in the development process. A lot of progress has emerged in the understanding of lattices under the past decade, which are enriched the source of hard computational problems. Most notably, the designs of cryptographic schemes enjoy strong security guarantees and other desirable properties, which can be proved secure assuming the hardness of worst-case problems. Additionally, and in contrast with number-theoretic problems typically used in cryptography, the underlying problems have so far resisted attacks by quantum algorithms. Yet even with these security advantages, lattice-based schemes also tend to be remarkably simple and asymptotically efficient. Despite the exciting results in lattice-based cryptography research, they also exist some problems, such as the key space is too large and communication efficiency is not high. This seriously limits the development and promotion of lattice-based cryptography.Based on the above considerations, the dissertation carries out several types of design and research of lattice-based cryptography with particular properties, its research results on lattices realize some new cryptographic function, or improve the efficiency of the schemes.The main results are as follows:(1) To limit the problem of key exposure in ABS, the technique of binary tree structure is introduced to design our scheme, its purpose aims at updating the private key of the signature in the different time periods. By this advantage of this structure, we propose a security model of key evolution ABS under SIS and design a ke-ABS scheme supporting threshold predicates. Our construction can limit the damage of key exposure, which can provide strong security guarantees. Under the SIS assumption, the scheme is proven to be secure in the random oracle model. Additionally, the scheme can achieve attribute signer privacy and strong unforgeability.(2)To achieve an anonymous ABSC, we formalize the notion and security model of hidden attribute-based signcryption, and design the first hidden attribute-based signcryption from lattices. With the technique, users can sign messages with the described any subset of their attributes. At the same time, users with their attribute set can achieve the function of unsigncryption in the scheme. Compared with the existing lattice-based cryptographic schemes,the scheme supports more flexible features and hides the identity of the encryptors. In the random oracle model, the security of the scheme indistinguishable aganist chosen ciphertext attack(IND-ABSC-CCA2) under the hardness of the LWE problem and is existentially unforgeable under chosen message attack(EUF-ABSC-CMA) under the SIS problem.(3) Most of the previous multi-concurrent signatures lack of the security proof. For this purpose, we formalize the notion and security model of multi-concurrent signature schemes,and design an efficient multi-concurrent signature scheme from lattices with the technique of key agreement, the scheme is an enhanced security scheme. In the random oracle model, the scheme satisfies all the properties of multi-concurrent signatures under the SIS assumptions.(4) To improve the efficiency of the signature, we formalize the notion and security model of identity-based offline/online signature, and construct an adaptively secure identity-based offline/online signature from lattices. The scheme divides into two parts: the offline parts and the online parts. The offline parts perform most heavy pre-computations before given message; the online parts only perform little computations after the message is received,which is remarkably fast. Additionally, we essentially introduce chameleon hash functions to turn a weak security scheme into a strong security scheme. Namely the scheme satisfies strong unforgeability under the SIS assumptions.