Abstract
One important property of group signatures is forward-security, which prevents an attacker in possession of a group signing key to forge signatures produced in the past. In case of exposure of one group member’s signing key, group signatures lacking forward-security need to invalidate all group public and secret keys (by re-initializing the whole system) but also invalidate all previously issued group signatures. Most of the existing forward-secure group signatures (FS-GS) are built from number-theoretic security assumptions which are vulnerable to quantum computers. The only post-quantum secure FS-GS scheme is built from lattices by Ling et al. (PQCrypto 19) in the random oracle model, following the classical framework of encrypt-then-prove, thus using non-interactive zero-knowledge (NIZK) proofs. In this work, we achieve the first FS-GS from lattices in the standard model. Our starting point is the group signature of Katsumada and Yamada (Eurocrypt 19) which replaces NIZK by attribute-based signatures (ABS), thus removing the need for random oracles. We first modify the underlying ABS of Tsabary (TCC 17) to equip it with forward-security property. We then prove that by plugging it back in the group signature framework of Katsumada and Yamada (Eurocrypt 19), we can design a FS-GS scheme secure in the standard model with public key and signature size constant in the number of users. Our constant size is achieved by relying on complexity leveraging, which further implies relying on the subexponential hardness of the Short Integers Solution (SIS) assumption.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.