Constant-Size Group Signatures from Lattices.

In this work, we introduce the first constant-size group signature from lattices, which means that the size of signatures produced by the scheme is independent of N and only depends on the security parameter ... Lattice-based group signature is an active research topic in recent years. ... We introduce the first constant-size group signature scheme from lattices. ...

doi:10.1007/978-3-319-76581-5_3 fatcat:jeal7g6yofcd3pvwjrfe6nau2y

At PKC 2018, Ling, Nguyen, Wang and Xu presented the first constant-size group signature scheme under lattice assumptions. ... In each LGSS, the size of the group signature usually depends on the number of group members and the security parameter. Thus, designing a constant-size LGSS is an interesting problem. ... [9] constructed the first constant-size group signature scheme from lattices. ...

doi:10.1109/access.2020.2964686 fatcat:7nme5txe5va3johzblxrhb6cly

DOAJ

paradigm: KeyGen(κ, N): 1 2 Jiang Zhang (TCA) Simpler Efficient Group Signatures from Lattices March 31, 2015 6 / 22 Jiang Zhang (TCA) Simpler Efficient Group Signatures from Lattices ... March 31, 2015 8 / 22 Jiang Zhang (TCA) Simpler Efficient Group Signatures from Lattices March 31, 2015 9 / 22 Jiang Zhang (TCA) Simpler Efficient Group Signatures from Lattices March 31, 2015 ... gpk, j) = (A1 A2,1 + G(j)A2,2) KeyGen(κ, N): 1 Generate gpk = (A1, A2,1, A2,2) with a trapdoor of A1; 2 Define Aj := H(gpk, j) = (A1 A2,1 + G(j)A2,2); 3 Sample a short vector gskj = xj = (xj,1, xj,2) from ...

doi:10.1007/978-3-662-46447-2_18 fatcat:jqt3rteqvbdqvozkbvxlfzmmfe

In this paper, we make use of the intersection method from lattice to propose a novel generic method for batch signature. ... However, this structure requires a batch residue, making the size of a batch signature (for a group of messages) even longer than the sum of single signatures. ... Generally speaking, our signature size will be larger than the ones constructed in the group where DLP or ECDLP problem is hard. ...

doi:10.3390/s18114056 pmid:30463382 fatcat:nyph4b3qtfanrojq3ivsfcwibq

DOAJ

(PKC 2014) proposed the first VLR group signature based on lattice assumptions in the random oracle model. Their scheme has at least 2 O N factor in both the group public key and the signature size. ... The security of our VLR group signature can be reduced to the hardness of learning with errors (LWE) and small integer solution (SIS) in the random oracle model. ... Putting the above all together, we obtain a simpler efficient VLR group signature scheme from lattices saving a (log ) O N factor in both sizes of the group public key and the signature. ...

doi:10.3837/tiis.2016.01.024 fatcat:direw6mk4vd45lsscmdv32gpvq

Such gain is also maintained through the application of the Fiat-Shamir heuristics to derive signatures from our identification scheme. ... From security perspective we also have improvements, because our scheme exhibits a worst-case to average-case reduction typical of lattice-based cryptosystems. ... Differently from its numbertheoretic predecessors, which exhibited a complexity of O(t.N ) (where N is the size the group of users, and t is the size of the sub-group willing to sign a message), TRSS-C ...

doi:10.1007/978-3-642-14712-8_16 fatcat:qxwi5lupm5fwlb4jzb7pzkvdpe

To design an efficient lattice-based linearly homomorphic signature scheme with a short public key size and signature length, this paper proposes an efficient linearly homomorphic signature scheme over ... Considering communication efficiency, the large public key size and signature size of the linearly homomorphic signature do increase processing overhead. ... Currently, most of the lattice-based signature schemes use PSF as their basic tool, for example, the lattice-based signature in the standard model [2] , the lattice-based group signature [7] and the ...

doi:10.1007/s11432-012-4681-9 fatcat:xibla5adbjexhj3mk2betywexq

We analyze the leaked information using a lattice-based approach for solving the hidden number problem, which we adapt to the zero-knowledge proof in the EPID scheme, extending prior attacks on signature ... n signature measurements in our data, and then added 50-loop (corresponding to 2 bits known) samples from the first n signatures to the lattice until key recovery succeeded. ... i | 2 ≤ iγ [Sch92] , where γ k is the Hermite constant. ...

doi:10.13154/tches.v2018.i2.171-191 dblp:journals/tches/DallMEGHMY18 fatcat:wlwihbtir5ainomnu5npgf2yia

DOAJ OJS

Using the timing of the exchanged messages, the messages themselves, and the signatures, we mount a lattice attack that recovers the private key. ... These attacks exploit cryptosystem or protocol implementations that do not run in constant time. ... Heap h=Heap.new(s); //fixed size=s from 1 to t: Result res=sign_rtn(dgst, privk); if ( ! ...

doi:10.1007/978-3-642-23822-2_20 fatcat:4fpghzwn7zgmzhpqoli44lnnje

In this paper, we propose an anti-quantum ring signature scheme based on lattice, functionality analysis, and performance evaluation to demonstrate that this scheme supports unconditional anonymity and ... After efficiency analysis, our scheme proved more effective than the existing ring signature schemes in processing signature generation and verification. ... A ring signature can hide the signer's identity from a group, which can better solve these issues. ...

doi:10.3390/e23101364 pmid:34682088 pmcid:PMC8534384 fatcat:jau2kgn52zfybh2h3utypaarwq

DOAJ

In this work we show how to use Graphics Processing Units (GPUs) with Compute Unified Device Architecture (CUDA) to accelerate a lattice based signature scheme, namely, the NTRU modular lattice signature ... In addition, similar to most lattice based signature schemes, NTRU-MLS provides transcript security with a rejection sampling technique. ... However, lattice based signature schemes naturally have large signature sizes compared to RSA and ECC based solutions. ...

doi:10.1109/hpcsim.2016.7568376 dblp:conf/ieeehpcs/DaiSSWZ16 fatcat:ai5h6nzzhvfphl33ddjsumbiwq

In this work, we introduce the first lattice-based VLR group signature, and thus, the first such scheme that is believed to be quantum-resistant. ... In comparison with existing lattice-based group signatures, our scheme has several noticeable advantages: support of membership revocation, logarithmicsize signatures, and weaker security assumption. ... [23] designed a scheme featuring signature size O(log N ), which is the first lattice-based group signature that overcomes the linear-size barrier. ...

doi:10.1007/978-3-642-54631-0_20 fatcat:yiseljppnbewheta3in2jc67wq

In the case of elementary lattices, we show that these vector-valued forms can be obtained by inducing scalar-valued forms. ... This allows us to explain the critical signatures which occur in Borcherds' work. ... = 1; \\ Matrix to hold genus information genus=matrix(100,3); genus[size,1] = 7; genus[size,2] = 1; genus[size,3] = +5; size++; \\ Matrix to hold vector in L*/L vec=matrix(100,2); vec[1,1] = 1/3; vec[ ...

arXiv:math/0307102v1 fatcat:mf62iwuqfvdxtbussukzmh5xmy

A first order phase transition occurs upon compression of the lattice and the size dependence is qualitatively different for the two phases. ... The discussion uses a multi-stage block renormalization group approach applied to the Hubbard Hamiltonian. ... In the (albeit, approximate) real space group renormalization procedure that we use the only way that the size of the original array comes in is in the value of the renormalized coupling constants. ...

arXiv:quant-ph/0405088v1 fatcat:bpiuy6u3unccllapdh7i6etpam

However, the constructions known for more sophisticated schemes such as group signatures are still far from being practical. ... Finally, we make use of this to construct a new group signature scheme that is a "hybrid" in the sense that privacy holds under a lattice-based assumption while security is discrete-logarithm-based. ... This is in contrast to classical number-theoretic solutions, where both the key and the signature size are constant for arbitrarily many group members. ...

doi:10.1007/978-3-662-45611-8_29 fatcat:pxvk6mwpp5c57dzsf6opwljfda

Constant-Size Group Signatures from Lattices [chapter]

Preserved Fulltext

A New Constant-Size Group Signature Scheme from Lattices

Preserved Fulltext

Simpler Efficient Group Signatures from Lattices [chapter]

Preserved Fulltext

Message Integration Authentication in the Internet-of-Things via Lattice-Based Batch Signatures

Preserved Fulltext

Simpler Efficient Group Signature Scheme with Verifier-Local Revocation from Lattices

Preserved Fulltext

A Lattice-Based Threshold Ring Signature Scheme [chapter]

Preserved Fulltext

Lattice-based linearly homomorphic signature scheme over binary field

Preserved Fulltext

CacheQuote: Efficiently Recovering Long-term Secrets of SGX EPID via Cache Attacks

Preserved Fulltext

Remote Timing Attacks Are Still Practical [chapter]

Preserved Fulltext

Anti-Quantum Lattice-Based Ring Signature Scheme and Applications in VANETs

Preserved Fulltext

NTRU modular lattice signature scheme on CUDA GPUs

Preserved Fulltext

Lattice-Based Group Signature Scheme with Verifier-Local Revocation [chapter]

Preserved Fulltext

The Singular Theta Correspondence, Lorentzian Lattices and Borcherds-Kac-Moody Algebras [article]

Preserved Fulltext

Size effects in the electronic properties of finite arrays of exchange coupled quantum dots: A renormalization group approach [article]

Preserved Fulltext

Better Zero-Knowledge Proofs for Lattice Encryption and Their Application to Group Signatures [chapter]

Preserved Fulltext