Research On Signature And Signcryption Schemes Based On Lattice Problems

With the rapid development of quantum computers,the security of crypto-graphic schemes based on the intractability of large integer factorization problem and discrete logarithm problem is at stake.In order to find secure cryp-tographic schemes in the era of quantum computer,more and more attention has been paid to post quantum cryptography,especially lattice-based cryptography.Security of lattice-based cryptographic schemes is usually based on the intractability assumption of average-case problems,such as learning with errors problem and small integer solution problem.Due to the reduction relations be-tween worst-case problems and average-case problems,cryptographic schemes based on lattice problems are more secure.Study on lattice-based cryptosystems has great development in recent twenty years,a lot of results have been proposed in signature,signcryption and other aspects.However,the research on lattice-based signature and signcryption schemes with special properties has not been fruitful.Lattice-based aggregate signature,proxy signature,fuzzy identity signature,fuzzy identity signcryption,multi-receiver signcryption and heterogeneous signcryption all have great theoretical significance.In this dissertation,based on average-case lattice hard problems,we study signature and signcryption schemes adapted to the special environments from the aspects of implementation,security and efficiency.The following research results are obtained:1.An unordered aggregate signature scheme is constructed based on the intersection method in lattice.The idea of constructing unordered aggregate signature in lattice follows that of aggregation through addition in traditional cryptography,but it is difficult for the public key in lattice to implement the additive operation corresponding to the signature.In order to realize aggregate verification,the corresponding public keys of the single signatures must be essentially the same,which makes aggregate signature vulnerable to forgery.In order to solve this problem,we adopt the inter-section method in lattice,realize the unordered aggregation of signatures in lattice without the need for the same public key.This provides a new idea for the construction of unordered aggregate signatures in lattice,and enhances the security of unordered aggregate signatures in lattice.2.An efficient proxy signature scheme and an identity-based message recov-erable proxy signature scheme are designed in lattice.Firstly,by the orig-inal signer and proxy signer jointly controlling the proxy signature,a new lattice proxy signature scheme is designed,which improves the existing lattice proxy signature scheme.Compared with the original scheme,the new scheme is no longer dependent on secure channel,parameter setting is more accurate,proxy authorization is publicly verifiable and proxy authority is revocable.On this basis,in order to further reduce the length of message to be transmitted,message recoverable signature is introduced,and an identity-based message recoverable lattice proxy signature scheme is implemented.The scheme also does not depend on secure channel and proxy authorization is publicly verifiable.Moveover,the security of proxy authorization and proxy signature is elaborated in detail.3.Three kinds of lattice signcryption schemes with special properties,a lattice signcryption scheme with better efficiency and a lattice signcrvption scheme with practical security in standard model are proposed.The research on special properties involves proposing a fuzzy identity lat?tice signcryption scheme,a multi-receiver lattice signcryption scheme and a lattice heterogeneous signcryption scheme.The fuzzy identity lattice signcryption scheme combines the optimized fuzzy identity signature technology and the fuzzy identity encryption technology in lattice,and introduces the fuzzy identity attribute into the signcryption scheme,realizes the fuzzy identity attribute of lattice signcryption,and enriches the identity expression of the lattice signcryption scheme.The multi-receiver lattice signcryption scheme adopts the bonsai tree proxy technology which is unique to the lattice,and adds a new design method for multi-receiver attribute of the signcryption scheme.The lattice-based hetero-geneous signcryption scheme considers the transmission between public key infrastructure-based cryptosystems and identity-based cryptosystems,and achieves barrier-free information transmission between senders and receivers in different systems.Furthermore,in order to improve the efficiency of lattice signcryption scheme,a lattice-based signcryption scheme without trapdoor generation algorithm and preimage sampling algorithm is proposed,which combines lattice signature without trapdoor with efficient lattice-based encryption technology based on learning with errors problem.In addition,for the practical security of the lattice signcryption scheme,the lattice signcryption scheme is proposed which achieves the security under the standard model through the dual encryption technology.