Please use this identifier to cite or link to this item: https://hdl.handle.net/10356/144626
Title: Lattice-based group signatures : achieving full dynamicity (and deniability) with ease
Authors: Ling, San
Nguyen, Khoa
Wang, Huaxiong
Xu, Yanhong
Keywords: Science::Mathematics
Issue Date: 2019
Source: Ling, S., Nguyen, K., Wang, H., & Xu, Y. (2019). Lattice-based group signatures: Achieving full dynamicity (and deniability) with ease. Theoretical Computer Science, 783, 71–94. doi:10.1016/j.tcs.2019.03.023
Journal: Theoretical Computer Science
Abstract: Lattice-based group signature is an active research topic in recent years. Since the pioneering work by Gordon et al. (2010) [20], eight other schemes have been proposed, providing various improvements in terms of security, efficiency and functionality. However, most of the existing constructions work only in the static setting where the group population is fixed at the setup phase. The only two exceptions are the schemes by Langlois et al. (2014) [27] that handles user revocations (but new users cannot join), and by Libert et al. (2016) [28], [29] which addresses the orthogonal problem of dynamic user enrollments (but users cannot be revoked).In this work, we provide the first lattice-based group signature that offers full dynamicity (i.e., users have the flexibility in joining and leaving the group), and thus, resolve a prominent open problem posed by previous works. Moreover, we achieve this non-trivial feat in a relatively simple manner. Starting with Libert et al.'s fully static construction (2016) [30] - which is arguably the most efficient lattice-based group signature to date, we introduce simple-but-insightful tweaks that allow to upgrade it directly into the fully dynamic setting. More startlingly, our scheme even produces slightly shorter signatures than the former, thanks to an adaptation of a technique proposed by Ling et al. (2013) [35], allowing to prove inequalities in zero-knowledge. The scheme satisfies the strong security requirements of Bootle et al.'s model (2016) [7], under the Short Integer Solution (SIS) and the Learning With Errors (LWE) assumptions.Furthermore, we demonstrate how to equip the obtained group signature scheme with the deniability functionality in a simple way. This attractive functionality, put forward by Ishida et al. (2016) [22], enables the tracing authority to provide an evidence that a given user is not the owner of a signature in question. In the process, we design a zero-knowledge protocol for proving that a given LWE ciphertext does not decrypt to a particular message.
URI: https://hdl.handle.net/10356/144626
ISSN: 0304-3975
DOI: 10.1016/j.tcs.2019.03.023
Rights: © 2019 Elsevier B.V. All rights reserved. This paper was published in Theoretical Computer Science and is made available with permission of Elsevier B.V.
Fulltext Permission: open
Fulltext Availability: With Fulltext
Appears in Collections:SPMS Journal Articles

Files in This Item:
File Description SizeFormat 
Lattice based group signatures achieving full dynamicity and deniability with ease.pdf678.09 kBAdobe PDFView/Open

Page view(s)

132
Updated on May 24, 2022

Download(s)

4
Updated on May 24, 2022

Google ScholarTM

Check

Altmetric


Plumx

Items in DR-NTU are protected by copyright, with all rights reserved, unless otherwise indicated.