Research On Lattice-Based Anonymous Signature And Identification Schemes

Posted on: 2018-08-01
Degree: Doctor
Type: Dissertation
Country: China
Candidate: W Gao
GTID: 1360330542473010
Subject: Cryptography

Abstract/Summary:
Modern cryptography is an effective approach and core technology for ensuring information security and secure communication. With the appearance of Shor's algorithm and Grover's algorithm, research on quantum computers is becoming more and more mature. This poses serious threats to classical cryptographic systems based on number theory. Tremendous effort has gone into cryptosystems that can still be operated on classical computers while resisting quantum attacks, which are called post-quantum cryptosystems. As the most promising post-quantum cryptographic system, lattice-based public-key cryptography has become a hot research topic. Although research on lattice-based cryptography has made breakthroughs in recent years, it is not yet perfect and many problems remain unsolved. On the one hand, lattice-based schemes have low space efficiency and their application functionality needs to be expanded, so it is necessary to improve the space efficiency and design cryptographic algorithms with more cryptographic properties. On the other hand, novel security models in the post-quantum environment need to be explored and studied. Based on these considerations, this dissertation studies lattice-based anonymous signature schemes as well as an identification protocol in the quantum random oracle model. The main research results are as follows:

1. To improve the efficiency of lattice-based group signatures, reduce communication and computational costs, and make the application features more flexible and convenient, a lattice-based group signature scheme is proposed by means of the super-sampling theorem on lattices and non-interactive zero-knowledge proofs for the learning with errors problem and the inhomogeneous small integer solution problem. The proposed scheme has a simpler structure, a shorter group public key, shorter private keys and shorter signatures, and supports verifier-local revocation. Additionally, the group signature scheme is selfless anonymous and traceable, and its security can be reduced to the small integer solution and learning with errors problems on lattices. Compared with the group signatures put forward by Nguyen et al. and Langlois et al., this proposal is more flexible, with higher efficiency and lower cost in communication and computing.

2. To effectively reduce the size of verification keys in lattice-based ring signature schemes constructed from basis delegation, an extended concept is defined based on the split-small integer solution problem introduced by Nguyen et al. The extended problem is proved to be as hard as approximating the shortest independent vectors problem to within a certain polynomial factor. On the basis of the extended split-small integer solution problem, an existing lattice-based ring signature scheme is improved and proved to be anonymous and unforgeable against insider corruption. Meanwhile, another two existing lattice-based signature schemes are also improved. Finally, comparisons of the three improved schemes with their original ones show that the sizes of their verification keys are significantly reduced.

3. To realize lattice-based blind signatures in the identity-based cryptosystem, reduce the number of interactions in the existing blind signature protocol, and avoid failures in the signing procedure, two identity-based blind signature schemes are constructed, under the random oracle model and the standard model, using the cryptographic tools of lattice basis delegation in fixed dimension and the algorithms SampleLeft and SampleRight. These two constructions are proved to be unconditionally blind and one-more unforgeable under selective identity and chosen message attacks in their corresponding security models, and their security can be reduced to the small integer solution problem on lattices. The proposed blind signature schemes have only two rounds, and their signature protocols run without failures.

4. To improve the identification protocol proposed by Boneh et al., which is secure in the classical random oracle model but insecure in the quantum random oracle model, a constant parameter is found that plays an important role in the security of the protocol. The security of the identification protocol changes greatly as this parameter varies. To analyze the effect of the parameter on the security of the protocol more accurately, this constant parameter is studied as a variable, and an improved identification protocol is proposed using the techniques of Chernoff bounds, Grover's algorithm, and quantum time assumptions. The improved identification protocol is secure in both the classical and the quantum random oracle models if the variable is chosen appropriately. Finally, a secure lower bound for this variable parameter is found.
Keywords/Search Tags: Lattice-based cryptography, digital signature, small integer solution, identification protocol, random oracle model