Threshold signature has been widely used in electronic wills,electronic elections,cloud computing,secure multiparty computation and other fields.Until now,certificateless threshold signature schemes are all based on t...Threshold signature has been widely used in electronic wills,electronic elections,cloud computing,secure multiparty computation and other fields.Until now,certificateless threshold signature schemes are all based on traditional mathematic theory,so they cannot resist quantum computing attacks.In view of this,we combine the advantages of lattice-based cryptosystem and certificateless cryptosystem to construct a certificateless threshold signature from lattice(LCLTS)that is efficient and resistant to quantum algorithm attacks.LCLTS has the threshold characteristics and can resist the quantum computing attacks,and the analysis shows that it is unforgeable against the adaptive Chosen-Message Attacks(UF-CMA)with the difficulty of Inhomogeneous Small Integer Solution(ISIS)problem.In addition,LCLTS solves the problems of the certificate management through key escrow.展开更多
In order to achieve secure signcryption schemes in the quantum era, Li Fagen et al. [Concurrency and Computation: Practice and Experience, 2012, 25(4): 2112-2122] and Wang Fenghe et al. [Applied Mathematics & Inf...In order to achieve secure signcryption schemes in the quantum era, Li Fagen et al. [Concurrency and Computation: Practice and Experience, 2012, 25(4): 2112-2122] and Wang Fenghe et al. [Applied Mathematics & Information Sciences, 2012, 6(1): 23-28] have independently extended the concept of signcryption to lattice-based cryptography. However, their schemes are only secure under the random or- acle model. In this paper, we present a lattice-based signcryp- tion scheme which is secure under the standard model. We prove that our scheme achieves indistinguishability against adaptive chosen-ciphertext attacks (IND-CCA2) under the learning with errors (LWE) assumption and existential unforgeability against adaptive chosen-message attacks (EUF- CMA) under the small integer solution (SIS) assumption.展开更多
This paper proposes the first lattice-based sequential aggregate signature (SAS) scheme with lazy verification that is provably secure in the random oracle model. As opposed to large integer factoring and discrete l...This paper proposes the first lattice-based sequential aggregate signature (SAS) scheme with lazy verification that is provably secure in the random oracle model. As opposed to large integer factoring and discrete logarithm based systems, the security of the construction relies on worst-case lattice problem, namely, under the small integer solution (SIS) assumption. Generally speaking, SAS schemes enable any group of signers ordered in a chain to sequentially combine their signatures such that the size of the aggregate signature is much smaller than the total size of all individual signatures. Unlike prior such proposals, the new scheme does not require a signer to retrieve the keys of other signers and verify the aggregate-so-far before adding its own signature, and the signer can add its own signature to an unverified aggregate and forward it along immediately, postponing verification until load permits or the necessary public keys are obtained. Indeed, the new scheme does not even require a signer to know the public keys of other signers.展开更多
Attribute-based signature is a versatile class of digital signatures. In attribute-based signature, a signer obtains his private key corresponding to the set of his attributes from a trusted authority, and then he can...Attribute-based signature is a versatile class of digital signatures. In attribute-based signature, a signer obtains his private key corresponding to the set of his attributes from a trusted authority, and then he can sign a message with any predicate that is satisfied by his attributes set. Unfortunately, there does not exist an attributebased signature which is resistance to the quantum attacks. This means we do not have secure attribute-based signature schemes in a post-quantum world. Based on this consideration, an attribute-based signature on lattices,which could resist quantum attacks, is proposed. This scheme employs "bonsai tree" techniques, and could be proved secure under the hardness assumption of small integer solution problem.展开更多
Blind signcryption(BSC) can guarantee the blindness and untrackability of signcrypted messages, and moreover, it provides simultaneous unforgeability and confidentiality. Most traditional BSC schemes are based on the ...Blind signcryption(BSC) can guarantee the blindness and untrackability of signcrypted messages, and moreover, it provides simultaneous unforgeability and confidentiality. Most traditional BSC schemes are based on the number theory. However, with the rapid development of quantum computing, traditional BSC systems are faced with severe security threats. As promising candidate cryptosystems with the ability to resist attacks from quantum computing, lattice-based cryptosystems have attracted increasing attention in academic fields. In this paper, a post-quantum blind signcryption scheme from lattice(PQ-LBSCS) is devised by applying BSC to lattice-based cryptosystems. PQ-LBSCS inherits the advantages of the lattice-based cryptosystem and blind signcryption technique. PQ-LBSCS is provably secure under the hard assumptions of the learning with error problem and small integer solution problem in the standard model. Simulations are carried out using the Matlab tool to analyze the computational efficiency, and the simulation results show that PQ-LBSCS is more efficient than previous schemes. PQ-LBSCS has extensive application prospects in e-commerce, mobile communication, and smart cards.展开更多
Inspired by the framework of Boyen, in this paper, an attribute-based signature(ABS) scheme from lattice assumption is proposed. In this attribute-based signature scheme, an entity's attributes set corresponds to t...Inspired by the framework of Boyen, in this paper, an attribute-based signature(ABS) scheme from lattice assumption is proposed. In this attribute-based signature scheme, an entity's attributes set corresponds to the concatenation of a lattice matrix with the sum of some random matrices, and the signature vector is generated by using the Preimage Sampling algorithm. Compared with current attribute-based signature schemes, this scheme can resist quantum attacks and enjoy shorter public-key, smaller signature size and higher efficiency.展开更多
In the post quantum era,public key cryptographic scheme based on lattice is considered to be the most promising cryptosystem that can resist quantum computer attacks.However,there are still few efficient key agreement...In the post quantum era,public key cryptographic scheme based on lattice is considered to be the most promising cryptosystem that can resist quantum computer attacks.However,there are still few efficient key agreement protocols based on lattice up to now.To solve this issue,an improved key agreement protocol with post quantum security is proposed.Firstly,by analyzing the Wess-Zumino model+(WZM+)key agreement protocol based on small integer solution(SIS)hard problem,it is found that there are fatal defects in the protocol that cannot resist man-in-the-middle attack.Then based on the bilateral inhomogeneous small integer solution(Bi-ISIS)problem,a mutual authenticated key agreement(AKA)protocol with key confirmation is proposed and designed.Compared with Diffie-Hellman(DH)protocol,WZM+key agreement protocol,and the AKA agreement based on the ideal lattice protocol,the improved protocol satisfies the provable security under the extend Canetti-Krawczyk(eCK)model and can resist man-in-the-middle attack,replay attack and quantum computing attack.展开更多
Many evidences have showed that some intelligence agencies(often called big brother)attempt to monitor citizens’communication by providing coerced citizens a lot of subverted cryptographic algorithms and coercing the...Many evidences have showed that some intelligence agencies(often called big brother)attempt to monitor citizens’communication by providing coerced citizens a lot of subverted cryptographic algorithms and coercing them to adopt these algorithms.Since legalized services on large number of various applications and system architectures depend on digital signature techniques,in the context some coerced users who use double authentication preventing signatures to design some novel digital signature techniques,have some convincing dissertations to defuse requests from authorities and big brothers creating some corresponding subverted signatures.As rapid progress in quantum computers,National Security Agency advisory memorandum and announcement of National Institute of Standards and Technology procedures from standardization focus on some cryptographic algorithms which are post quantum secure.Motivated by these issues,we design an algorithm substitution attack against Fiat-Shamir family based on lattices(e.g.,BLISS,BG,Ring-TESLA,PASSSign and GLP)that are proven post-quantum computational secure.We also show an efficient deterable way to eliminate big brother’s threat by leaking signing keys from signatures on two messages to be public.Security proof shows that our schemes satisfy key extraction,undetectability and deterability.Through parameters analysis and performance evaluation,we demonstrate that our deterring subverted Fiat-Shamir signature is practical,which means that it can be applied to privacy and protection in some system architectures.展开更多
基金supported by the Key Project of Natural Science Basic Research Plan of Shaanxi Province under the Grant 2020JZ-54.
文摘Threshold signature has been widely used in electronic wills,electronic elections,cloud computing,secure multiparty computation and other fields.Until now,certificateless threshold signature schemes are all based on traditional mathematic theory,so they cannot resist quantum computing attacks.In view of this,we combine the advantages of lattice-based cryptosystem and certificateless cryptosystem to construct a certificateless threshold signature from lattice(LCLTS)that is efficient and resistant to quantum algorithm attacks.LCLTS has the threshold characteristics and can resist the quantum computing attacks,and the analysis shows that it is unforgeable against the adaptive Chosen-Message Attacks(UF-CMA)with the difficulty of Inhomogeneous Small Integer Solution(ISIS)problem.In addition,LCLTS solves the problems of the certificate management through key escrow.
基金This work was supported by the National Natural Science Foundation of China (Grant Nos. 61272057, 61202434, 61170270, 61100203, 61003286, 61121061), the Fundamental Research Funds for the Central Universities (2012RC0612, 2011YB01), Langfang Teachers University Youth Fund (LSZQ200804), Hebei Education Funds for Youth Project (Q2012020, QN20131077).
文摘In order to achieve secure signcryption schemes in the quantum era, Li Fagen et al. [Concurrency and Computation: Practice and Experience, 2012, 25(4): 2112-2122] and Wang Fenghe et al. [Applied Mathematics & Information Sciences, 2012, 6(1): 23-28] have independently extended the concept of signcryption to lattice-based cryptography. However, their schemes are only secure under the random or- acle model. In this paper, we present a lattice-based signcryp- tion scheme which is secure under the standard model. We prove that our scheme achieves indistinguishability against adaptive chosen-ciphertext attacks (IND-CCA2) under the learning with errors (LWE) assumption and existential unforgeability against adaptive chosen-message attacks (EUF- CMA) under the small integer solution (SIS) assumption.
基金supported by the National Natural Science Foundations of China (61173151, 61472309)
文摘This paper proposes the first lattice-based sequential aggregate signature (SAS) scheme with lazy verification that is provably secure in the random oracle model. As opposed to large integer factoring and discrete logarithm based systems, the security of the construction relies on worst-case lattice problem, namely, under the small integer solution (SIS) assumption. Generally speaking, SAS schemes enable any group of signers ordered in a chain to sequentially combine their signatures such that the size of the aggregate signature is much smaller than the total size of all individual signatures. Unlike prior such proposals, the new scheme does not require a signer to retrieve the keys of other signers and verify the aggregate-so-far before adding its own signature, and the signer can add its own signature to an unverified aggregate and forward it along immediately, postponing verification until load permits or the necessary public keys are obtained. Indeed, the new scheme does not even require a signer to know the public keys of other signers.
基金the National Natural Science Foundation of China(Nos.61133014 and 60903189)
文摘Attribute-based signature is a versatile class of digital signatures. In attribute-based signature, a signer obtains his private key corresponding to the set of his attributes from a trusted authority, and then he can sign a message with any predicate that is satisfied by his attributes set. Unfortunately, there does not exist an attributebased signature which is resistance to the quantum attacks. This means we do not have secure attribute-based signature schemes in a post-quantum world. Based on this consideration, an attribute-based signature on lattices,which could resist quantum attacks, is proposed. This scheme employs "bonsai tree" techniques, and could be proved secure under the hardness assumption of small integer solution problem.
基金Project supported by the Key Project of Natural Science Foundation Basic Research Program of Shaanxi Province,China (No. 2020JZ-54)the Innovation Foundation of Postgraduate of Xi’an University of Posts and Telecommunications,China (No. CXJJLY2018075)。
文摘Blind signcryption(BSC) can guarantee the blindness and untrackability of signcrypted messages, and moreover, it provides simultaneous unforgeability and confidentiality. Most traditional BSC schemes are based on the number theory. However, with the rapid development of quantum computing, traditional BSC systems are faced with severe security threats. As promising candidate cryptosystems with the ability to resist attacks from quantum computing, lattice-based cryptosystems have attracted increasing attention in academic fields. In this paper, a post-quantum blind signcryption scheme from lattice(PQ-LBSCS) is devised by applying BSC to lattice-based cryptosystems. PQ-LBSCS inherits the advantages of the lattice-based cryptosystem and blind signcryption technique. PQ-LBSCS is provably secure under the hard assumptions of the learning with error problem and small integer solution problem in the standard model. Simulations are carried out using the Matlab tool to analyze the computational efficiency, and the simulation results show that PQ-LBSCS is more efficient than previous schemes. PQ-LBSCS has extensive application prospects in e-commerce, mobile communication, and smart cards.
基金Supported by the National Natural Science Foundation of China(61173151,61472309)
文摘Inspired by the framework of Boyen, in this paper, an attribute-based signature(ABS) scheme from lattice assumption is proposed. In this attribute-based signature scheme, an entity's attributes set corresponds to the concatenation of a lattice matrix with the sum of some random matrices, and the signature vector is generated by using the Preimage Sampling algorithm. Compared with current attribute-based signature schemes, this scheme can resist quantum attacks and enjoy shorter public-key, smaller signature size and higher efficiency.
基金This work was supported by the China State Cryptography Development Fund of Thirteen Five-year(MMJJ20170110).
文摘In the post quantum era,public key cryptographic scheme based on lattice is considered to be the most promising cryptosystem that can resist quantum computer attacks.However,there are still few efficient key agreement protocols based on lattice up to now.To solve this issue,an improved key agreement protocol with post quantum security is proposed.Firstly,by analyzing the Wess-Zumino model+(WZM+)key agreement protocol based on small integer solution(SIS)hard problem,it is found that there are fatal defects in the protocol that cannot resist man-in-the-middle attack.Then based on the bilateral inhomogeneous small integer solution(Bi-ISIS)problem,a mutual authenticated key agreement(AKA)protocol with key confirmation is proposed and designed.Compared with Diffie-Hellman(DH)protocol,WZM+key agreement protocol,and the AKA agreement based on the ideal lattice protocol,the improved protocol satisfies the provable security under the extend Canetti-Krawczyk(eCK)model and can resist man-in-the-middle attack,replay attack and quantum computing attack.
基金Supported by the National Natural Science Foundation of China(61802239,61872229,62062019,62074131)Key Research and Development Program of Shaanxi Province(2020ZDLGY09-06,2021ZDLGY06-04,2021ZDLGY05-01)+1 种基金Natural Science Basic Research Plan in Shaanxi Province(2019JQ-667,2020JQ-422)Shenzhen Fundamental Research Program(20210317191843003)
文摘Many evidences have showed that some intelligence agencies(often called big brother)attempt to monitor citizens’communication by providing coerced citizens a lot of subverted cryptographic algorithms and coercing them to adopt these algorithms.Since legalized services on large number of various applications and system architectures depend on digital signature techniques,in the context some coerced users who use double authentication preventing signatures to design some novel digital signature techniques,have some convincing dissertations to defuse requests from authorities and big brothers creating some corresponding subverted signatures.As rapid progress in quantum computers,National Security Agency advisory memorandum and announcement of National Institute of Standards and Technology procedures from standardization focus on some cryptographic algorithms which are post quantum secure.Motivated by these issues,we design an algorithm substitution attack against Fiat-Shamir family based on lattices(e.g.,BLISS,BG,Ring-TESLA,PASSSign and GLP)that are proven post-quantum computational secure.We also show an efficient deterable way to eliminate big brother’s threat by leaking signing keys from signatures on two messages to be public.Security proof shows that our schemes satisfy key extraction,undetectability and deterability.Through parameters analysis and performance evaluation,we demonstrate that our deterring subverted Fiat-Shamir signature is practical,which means that it can be applied to privacy and protection in some system architectures.