Research On Lattice-based Group Signature Schemes

Group signature can allow any member of the group to sign a message on behalf of the group, the verifier can only verify the signature is correct or not, but can not determine whom sign it. Once a controversy happens, the group manager can open the signature and determine the identity of the signer through signing key. So the signature is anonymous and traceable. These two properties make group signature has many applications in the elections, the news release, e-commerce and so on. Blind signature means that the signer does not know the specific content of the message that signed, and the signature is not traceable. In other words, Even if the signature was announced, the signer can not determine when and to whom signed the message, but the signature is correct which can be verified.Group blind signature combines the properties of group signature and blind signature. So the signature is blind and anonymous. Because of these excellent features, Group blind signature can be used to construct a safety electronic cash system in which a number of banks allowed to participate. In order to make sure that the signer does not know the real content of the message that signed, when constructing a group blind signature scheme we should made the massage blind before signing the message.Most of the digital signatures are based on traditional number problems which can not resist quantum attack and have complicated operations. As one of the most famous cryptosystems in Post-Quantum Cryptography, the public-key cryptosystem on lattice has many advantages, such as immune to quantum attacks, the simple algorithm structure, good reduction of difficult problems, and provable security. Therefore, constructing signature schemes based on lattice has important theoretical and practical significance.We mainly discuss the theory of group signature and blind signature. We research on the construction security prove and application of the group signature. Our research and results are listed as follows:1. We construct the first group blind signature based on lattice, and the theoretical foundations of the scheme are GKV group signature scheme and Wang blind signature scheme. The advantage of the scheme is when group members joined the group, they should execute a zero-knowledge proof protocol, which promise the group manager can not get the group members’signing keys, thus he can not fake group members to generate legitimate signatures, in other words, the scheme can resist framed attack. At the same time, we also make a detailed analysis and argument of the security for the scheme.2. We put forward an improved signature based on LLLS group signature, and make a analysis of the security of the scheme. During the signature stage, original scheme use two different matrices, while improved scheme use the only one matrix. During the verification stage, original scheme should verify two equations hold simultaneously, but improved scheme need to verify the only one equation holds. Compared with the original scheme, the improved scheme is more efficiency and calculation is reduced greatly.