Research On Signcryption Schemes Based On Lattice Problems

The information age is increasingly dependent on information security.As the core of information security,cryptography,especially public-key cryptosystem,can provide a support for strengthen the security of communication information.Digital signcryption is a relatively novel cryptographic primitive.It has the sum of the characteristics of encryption and digital signature.It can achieve confidentiality,integrity,authentication and non-repudiation at a lower cost.The high efficiency and versatility of digital signcryption make its value.The traditional digital signcryption schemes based on the assumptions of difficult problems in number theory have been influenced a lot by the development of quantum computing.Lattice-based public key cryptography is a type of post-quantum cryptographic schemes.The research on lattices in the past two decades has found that the lattice problem is proved safe in the worst case scenario,which makes lattice-based cryptographic schemes more prefered in post-quantum cryptography.The signcryption based on lattice can improve the secure level of the signcryption scheme in the post-quantum environment.In the lattice-based cryptographic schemes,the calculation of the trapdoor generation algorithm and the original image sampling algorithm is more complicated,which in turn affects the computational efficiency of the entire cryptosystem.The research on the lattice-based cryptography found that if the appropriate parameters are selected and the simple Gaussian sampling is appropriately increased,the trapdoor generation algorithm and the original image sampling algorithm can be effectively avoided.However,the development of the structure of signcryption based on lattice has been developing relatively slowly.This paper focuses on three special forms of lattice-based signcryption,specifically,identity-based signcryption,certificateless signcryption,and heterogeneous signcryption.The structure of signcryption scheme is designed in combination with lattice theory.The main work is as follows:Firstly,using rejection sampling technology,an identity-based signcryption scheme based on lattice theory is constructed.Under the random oracle model(ROM),based on the learning with errors(LWE)problem as the premise,it is proved that the scheme we construct has indistinguishability under adaptive chosen ciphertext attack(IND-CCA2).Based on the small interger solution problem(SIS),the existential unforgeability is also proved under chosen message attack(EUF-CMA).Compared with the existing lattice-based identity-based signcryption scheme,the public and private key size of this scheme is smaller,and the amount of signcryption/designcryption calculations is lower,which verifies the efficiency of the scheme.Secondly,through setting parameter and introducing Gaussian sampling,a lattice-based certificateless signcryption scheme is constructed.In the construction of the scheme,rejection sampling technology and secondary encryption technology are used,and simple Gaussian sampling is used to replace the lattice trapdoor generation algorithm.Under the ROM,under the attack of two types of adversaries(internal attackers and external attackers)of the certificateless cryptosystem,our scheme based on the difficulty of LWE is proved to be secure for IND-CCA2-I/II,and our scheme based on the difficulty of SIS is proved to be secure for EUF-CMA-I/II.Compared with the existing lattice-based certificateless cryptographic schemes,the public and private keys are smaller in size,and only simple Gaussian sampling and matrix/vector multiplication/sum operations are involved in signcryption/designcryption,and the calculation is more efficienct.Thirdly,using rejection sampling technology,this paper construct the first heterogeneous signcryption scheme from CLPKC to IDPKC based on lattice.On the basis of the identity-based signcryption scheme constructed in the first point,by designing the user key generation algorithm in the certificateless cryptosystem,a heterogeneous signcryption scheme from CLPKC to IDPKC based on lattice theory is constructed.Under the ROM,it is proved to be secure for IND-CCA2 based on the intractability of the LWE problem,and it is proved to be secure for EUF-CMA-I/II based on the intractability of the SIS problem.