Please use this identifier to cite or link to this item:
Full metadata record
DC FieldValueLanguage
dc.contributor.authorLing, Sanen_US
dc.contributor.authorNguyen, Khoaen_US
dc.contributor.authorWang, Huaxiongen_US
dc.contributor.authorXu, Yanhongen_US
dc.identifier.citationLing, S., Nguyen, K., Wang, H., & Xu, Y. (2019). Lattice-based group signatures: Achieving full dynamicity (and deniability) with ease. Theoretical Computer Science, 783, 71–94. doi:10.1016/j.tcs.2019.03.023en_US
dc.description.abstractLattice-based group signature is an active research topic in recent years. Since the pioneering work by Gordon et al. (2010) [20], eight other schemes have been proposed, providing various improvements in terms of security, efficiency and functionality. However, most of the existing constructions work only in the static setting where the group population is fixed at the setup phase. The only two exceptions are the schemes by Langlois et al. (2014) [27] that handles user revocations (but new users cannot join), and by Libert et al. (2016) [28], [29] which addresses the orthogonal problem of dynamic user enrollments (but users cannot be revoked).In this work, we provide the first lattice-based group signature that offers full dynamicity (i.e., users have the flexibility in joining and leaving the group), and thus, resolve a prominent open problem posed by previous works. Moreover, we achieve this non-trivial feat in a relatively simple manner. Starting with Libert et al.'s fully static construction (2016) [30] - which is arguably the most efficient lattice-based group signature to date, we introduce simple-but-insightful tweaks that allow to upgrade it directly into the fully dynamic setting. More startlingly, our scheme even produces slightly shorter signatures than the former, thanks to an adaptation of a technique proposed by Ling et al. (2013) [35], allowing to prove inequalities in zero-knowledge. The scheme satisfies the strong security requirements of Bootle et al.'s model (2016) [7], under the Short Integer Solution (SIS) and the Learning With Errors (LWE) assumptions.Furthermore, we demonstrate how to equip the obtained group signature scheme with the deniability functionality in a simple way. This attractive functionality, put forward by Ishida et al. (2016) [22], enables the tracing authority to provide an evidence that a given user is not the owner of a signature in question. In the process, we design a zero-knowledge protocol for proving that a given LWE ciphertext does not decrypt to a particular message.en_US
dc.description.sponsorshipMinistry of Education (MOE)en_US
dc.relation.ispartofTheoretical Computer Scienceen_US
dc.rights© 2019 Elsevier B.V. All rights reserved. This paper was published in Theoretical Computer Science and is made available with permission of Elsevier B.V.en_US
dc.titleLattice-based group signatures : achieving full dynamicity (and deniability) with easeen_US
dc.typeJournal Articleen
dc.contributor.schoolSchool of Physical and Mathematical Sciencesen_US
dc.description.versionAccepted versionen_US
dc.subject.keywordsLattice-based Group Signaturesen_US
dc.subject.keywordsFull Dynamicityen_US
dc.description.acknowledgementThe authors would like to thank Benoît Libert for helpful comments and discussions. The research is supported by Singapore Ministry of Education under Research Grant MOE2016-T2-2-014(S). Khoa Nguyen is also supported by the Gopalakrishnan – NTU Presidential Postdoctoral Fellowship 2018.en_US
item.fulltextWith Fulltext-
Appears in Collections:SPMS Journal Articles
Files in This Item:
File Description SizeFormat 
Lattice based group signatures achieving full dynamicity and deniability with ease.pdf678.09 kBAdobe PDFView/Open

Page view(s)

Updated on Jul 4, 2022


Updated on Jul 4, 2022

Google ScholarTM




Items in DR-NTU are protected by copyright, with all rights reserved, unless otherwise indicated.