Research On Attribute-based Signature Scheme

Digital signature is an integral part of information security technology and widely used for identity authentication,data integrity and non-repudiation.Therefore,digital signature has become one of the major elements in modern cryptography.The traditional authentication of digital signature is one-to-one authentication,and it uses the public key to complete the signature verification,which is not good for protecting the user's identity privacy.Attribute-based signature is an extension of identity-based signature.Unique identification of user identity in identity-based cryptosystem can be expressed as a set of attributes composed of multiple attributes.Moreover,the public key is corresponding to the attribute set,which reduces the cost of distribution and management of keys.In the phase of signature verification,the data receiver will judge whether the sender's attributes satisfy access structure.The sender can generate valid signature only when attributes satisfy access structure.After the signature is verified,the data receiver can only get the user's attributes,and cannot infer the user's identity information,thus the user's identity privacy can be protected.Therefore,as a signature technology can effectively implement security authentication and fine-grained access control,more and more attention has been paid to attribute-based signature.In thesis,the algorithms of lattice-based attribute signature and attribute-based signature for general circuits are studied.The main contributions of this thesis are as follows.1.As a new cryptosystem,lattice is recognized to be able to resist quantum attacks.Two attribute-based signature schemes realizing linear secret-sharing scheme(LSSS)from lattices are proposed.The proposed schemes can not only resist quantum attacks effectively,but also implement flexible access structure.In the first proposed scheme,the signature key is generated by the lattice basis expansion algorithm,and the message is signed by the Gaussian sampling algorithm.Compared with the existing lattice-based attribute signature,the first proposed scheme implements a flexible access structure and reduces the length of the private key and public key.By utilizing the zero knowledge proof protocol,the second proposed scheme not only reduces the size of the private key,but also hides the access structure.Thus,better protection of users' privacy can be realized.2.The cryptosystem for general circuits can not only reach more flexible access structure,but also resist backtracking attack.Based on multilinear mapping,an attribute-based signature scheme for general circuits is proposed.By using CR-TOR coding mechanism,the proposed scheme can realize access structure of general circuits.Compared with the traditional attribute-based signature schemes for general circuits based on Move Forward and Shift technology,the generation of private key and the calculation of circuit in proposed scheme are more simple and direct.Moreover,compared with the schemes using the same CR-TOR coding mechanism,the proposed scheme reduces the scale of public parameters and master keys,and has higher communication efficiency and higher security.