作者投稿和查稿 主编审稿 专家审稿 编委审稿 远程编辑

计算机工程 ›› 2021, Vol. 47 ›› Issue (2): 160-167,175. doi: 10.19678/j.issn.1000-3428.0057111

• 网络空间安全 • 上一篇    下一篇

格上高效的完全动态群签名方案

叶青, 赵楠楠, 赵宗渠, 秦攀科, 闫玺玺, 汤永利   

  1. 河南理工大学 计算机科学与技术学院, 河南 焦作 454000
  • 收稿日期:2020-01-03 修回日期:2020-02-06 出版日期:2021-02-15 发布日期:2020-02-18
  • 作者简介:叶青(1981-),女,讲师、博士,主研方向为密码学、数字签名;赵楠楠,硕士研究生;赵宗渠(通信作者)、秦攀科,讲师、博士;闫玺玺,副教授、博士;汤永利,教授、博士后。
  • 基金资助:
    国家自然科学基金(61802117);河南省高校科技创新团队支持计划(20IRTSTHN013);河南省重点研发与推广专项(182102310923,192102210280);河南省高等学校重点科研项目(18A413001,19A520025);河南理工大学自然科学基金(T2018-1);河南理工大学青年骨干教师资助计划(2018XQG-10)。

Efficient Fully Dynamic Group Signature Scheme from Lattice

YE Qing, ZHAO Nannan, ZHAO Zongqu, QIN Panke, YAN Xixi, TANG Yongli   

  1. College of Computer Science and Technology, Henan Polytechnic University, Jiaozuo, Henan 454000, China
  • Received:2020-01-03 Revised:2020-02-06 Online:2021-02-15 Published:2020-02-18

摘要: 为降低完全动态群签名加入和撤销机制的复杂性,将动态群签名思想引入NGUYEN等人提出的格上群签名方案,提出一种改进的完全动态群签名方案。在改进方案中,用户产生自己的签名密钥而不是由群管理员产生,当用户加入群时,群管理员验证用户身份并为其颁发证书,用户成为群成员后用自己的签名密钥和证书进行签名。若群成员有不合法行为或想退群,则群管理员和群成员均可执行群成员的撤销操作,使群成员退出该群。由于方案中群成员的签名密钥由自己生成,因此能够抵抗群管理员的陷害攻击。在随机预言模型下,基于错误学习问题和非齐次小整数解问题证明改进方案的安全性。分析结果表明,该方案能够减少加入和撤销机制的计算代价,且密钥长度和签名长度与群成员数量无关,适用于大群组的签名系统。

关键词: 动态群签名, 格, 陷害攻击, 错误学习问题, 非齐次小整数解问题

Abstract: In order to reduce the complexity of the joining and revoking mechanism of fully dynamic group signature, this paper introduces the concept of dynamic group signature into NGUYEN's group signature scheme from lattice,and on this basis proposes an improved fully dynamic group signature scheme.In this scheme,the signing key is generated by the user rather than the group manager.When the user joins a group,the group manager verifies the user's identity and issues a certificate for the user.After becoming a group member,the group member signs with his/her own signing key and the issued certificate.If a group member has illegal behavior or wants to withdraw from the group,both the group manager and the group member can perform the revocation operation on the group member to make the group member leave the group.In this scheme,since the signing key of a group member is generated by himself/herself,it can resist the trap attack from the group manager.Under the random oracle model,the security of the proposed scheme is verified based on the Learning with Error(LWE) problem and the Inhomogeneous Small Integer Solution(ISIS) problem.Analysis results show that the proposed scheme can reduce the computational cost of joining and revocation mechanism,and the length of a key and that of a signature do not depend on the number of group members,which makes the scheme suitable for the signature systems of large groups.

Key words: dynamic group signature, lattice, trap attack, Learning with Error(LWE) problem, Inhomogeneous Small Integer Solution(ISIS) problem

中图分类号: