| Group signature is a digital signature scheme that allows group members to sign anonymously on behalf of the group.Group administrators can track signers when necessary.Therefore,group signatures have the basic characteristics of anonymity and traceability.These characteristics make group signatures have a wide range of application scenarios.When a group signature dispute occurs,the authorized institution needs to disclose the identities of the group members,but in certain scenarios,it only needs to know whether the identities of the designated users and the signers match.In this case,the use of a standard group-based group signature model will cause security issues-the specified user may not be the given signer,and the actual signing user's information will be leaked,so design a widely used and secure group signature the scheme is one of the research focuses of this article.At present,most of the group signatures designed by traditional public key cryptography are mostly partial dynamic group signatures,or can realize the functions of user joining and group member withdrawal at the same time,but there is no denial.With the rapid development of quantum computer technology,in order to ensure that the solution can resist attacks from quantum computers,digital signatures on lattices have also become a hot spot in recent years.Constructing group signature schemes on lattices can effectively resist attacks from quantum computers.At the same time,repudiation is added to the group signature on the grid to realize the security requirement of avoiding the identity of the signer in specific scenarios.In summary,the research content of this article is as follows:(1)In order to avoid disputes caused by signatures,to prevent the user's identity from being leaked during group signing,and at the same time,users can join the group or group members can realize the two functions of revocation,We have designed a deniable fully dynamic group signature scheme.For signatures and users,by adding two algorithm designs,Dopen and DJudge,the authorized institution can publish the designated user as the signer of the signature,but will not reveal the identity of the signer and provide a security certificate.(2)On the basis of the deniable fully dynamic group signature scheme,we further construct a lattice deniable fully dynamic group signature scheme based on the SIS problem with a different structure.Different from the existing fully dynamic group signature scheme,which is based on the difficult problem of LWE and can be denied,it is to prevent the identity of the group signing user from being leaked and attacked by the quantum computer at the same time.Its safety. |
PDF Full Text Request