2026, 02, v.36 208-214
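An Identity-Based Signature Scheme Based on R-SIS
Foundation: Yunnan Provincial Major Special Program (202302AD080002); Yunnan Provincial Special Program for the Selection of High-Level Scientific and Technological Talents and Innovation Teams (202405AS350001)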
DOI: 10.20165/j.cnki.ISSN1673-629X.2025.0253
Release date: 2025-09-19
Publication date: 2025-09-19
Online publication date: 2025-09-19
Abstract:

To address the overly long signing keys, high computational complexity, and insufficient security of identity-based signatures built on SIS (Short Integer Solution), an identity-based signature scheme based on the Short Integer Solution problem over rings is proposed. First, a ring trapdoor generation algorithm produces the public key matrix and the trapdoor matrix; a hash function maps the user identity to a ring element, and a short-vector private key is generated. Second, a mask is drawn by bimodal Gaussian sampling, the challenge is generated from the message and the commitment value, the response is computed and compressed by truncating its low-order bits, and a short signature is output. Finally, verification recovers the approximate response and checks the polynomial ring relation and the norm bound to decide whether the signature is valid. Theoretical analysis proves the correctness and strong unforgeability of the scheme in the random oracle model: using the forking lemma, a possible forgery attack is converted into a solution to the R-SIS (Ring Short Integer Solution) problem, which shows that the scheme cannot be attacked effectively in polynomial time. Experiments show an average signature generation time of 15.8 ms and an average signature verification time of 10.7 ms, indicating that the scheme is stable and efficient. In terms of time and storage overhead, it has significant advantages over other schemes.

Basic information:

CLC number: TN918.4

Citation:

[1] GUO Bingyu (郭冰雨), MIAO Xianghua (缪祥华). An identity-based signature scheme based on R-SIS[J]. Computer Technology and Development (计算机技术与发展), 2026, 36(02): 208-214. DOI:10.20165/j.cnki.ISSN1673-629X.2025.0253.
