Policy-Based Group Signature Scheme from Lattice

Abstract

Although the existing group signature schemes from lattice have been optimized for efficiency, the signing abilities of each member in the group are relatively single. It may not be suitable for complex applications. Inspired by the pioneering work of Bellare and Fuchsbauer, we present a primitive called policy-based group signature. In policy-based group signatures, group members can on behalf of the group to sign documents that meet their own policies, and the generated signatures will not leak the identity and policies of the signer. Moreover, the group administrator is allowed to reveal the identity of signer when a controversy occurs. Through the analysis of application scenarios, we concluded that the policy-based group signature needs to meet two essential security properties: simulatability and traceability. And we construct a scheme of policy-based group signature from lattice through techniques such as commitment, zero-knowledge proof, rejection sampling. The security of our scheme is proved to be reduced to the module short integer solution (MSIS) and module learning with errors (MLWE) hard assumptions. Furthermore, we make a performance comparison between our scheme and three lattice-based group signature schemes. The result shows that our scheme has more advantages in storage overhead and the sizes of key and signature are decreased roughly by 83.13%, 46.01%, respectively, compared with other schemes.