A Lattice-based Signcryption Scheme Without Trapdoors
LU Xiuhua①② WEN Qiaoyan② WANG Licheng③ DU Jiao④
①Faculty of Mathematics and Information Science, Langfang Teachers University, Langfang 065000, China
②State Key Laboratory of Networking and Switching Technology, Beijing University of Posts and Telecommunications, Beijing 100876, China
③Information Security Center, Beijing University of Posts and Telecommunications, Beijing 100876, China
④College of Mathematics and Information Science, Henan Normal University, Xinxiang 453007, China
Existing lattice-based signcryption schemes rely on a trapdoor generation algorithm and a preimage sampling algorithm. Both algorithms are complex and slow to run, and they significantly reduce the efficiency of lattice-based signcryption schemes. To address this problem, the first lattice-based signcryption scheme that needs neither a trapdoor generation algorithm nor a preimage sampling algorithm is proposed. It combines the technique of lattice signatures without trapdoors and the associated signature compression technique with an encryption method based on the learning with errors (LWE) assumption. The scheme achieves indistinguishability against adaptive chosen ciphertext attacks under the LWE assumption, and existential unforgeability against adaptive chosen message attacks under the small integer solution (SIS) assumption. The proposed scheme is therefore both quantum resistant and efficient.
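The abstract names an LWE-based encryption method as the confidentiality component of the scheme but does not describe it. The following added example is not the paper's scheme and is not code from the authors; it shows the simplest textbook form of LWE-based encryption (Regev-style single-bit encryption) with constructed toy parameters, and it makes explicit the decryption correctness condition that any such construction must satisfy: the accumulated error must stay below q/4. The parameter values, the bounded-uniform error distribution standing in for a discrete Gaussian, and all function names are assumptions of this example.

```python
import random

# Constructed toy parameters (assumed for illustration; far too small for real security).
Q = 3329          # modulus q
N = 64            # dimension of the secret vector s
M = 256           # number of LWE samples (rows of A) in the public key
ERR_BOUND = 3     # errors are drawn uniformly from [-ERR_BOUND, ERR_BOUND]


def sample_error(rng, bound=ERR_BOUND):
    """Small centered error term; a toy stand-in for a discrete Gaussian."""
    return rng.randint(-bound, bound)


def keygen(rng):
    """Public key (A, b = A*s + e mod q); secret key s.

    Under the LWE assumption, b is indistinguishable from uniform, so the
    public key leaks nothing usable about s."""
    s = [rng.randrange(Q) for _ in range(N)]
    A = [[rng.randrange(Q) for _ in range(N)] for _ in range(M)]
    b = [(sum(a * si for a, si in zip(row, s)) + sample_error(rng)) % Q for row in A]
    return (A, b), s


def encrypt(pk, bit, rng):
    """Encrypt one bit: pick a random subset r of the samples and sum them.

    u = r^T A mod q,  v = r^T b + bit * floor(q/2) mod q."""
    A, b = pk
    r = [rng.randrange(2) for _ in range(M)]
    u = [sum(r[i] * A[i][j] for i in range(M)) % Q for j in range(N)]
    v = (sum(r[i] * b[i] for i in range(M)) + bit * (Q // 2)) % Q
    return u, v


def decrypt(sk, ct):
    """Recover the bit: v - <u, s> = r^T e + bit * floor(q/2) mod q.

    The residual r^T e is small, so the value is close to 0 for bit 0 and
    close to q/2 for bit 1; round to whichever is nearer."""
    u, v = ct
    d = (v - sum(ui * si for ui, si in zip(u, sk))) % Q
    return 1 if min(d, Q - d) > Q // 4 else 0


def worst_case_noise():
    """Largest possible |r^T e|: every sample selected, every error at the bound.

    Decryption is correct for all inputs only if this is below q/4."""
    return M * ERR_BOUND


def roundtrip(bits, seed):
    """Encrypt and decrypt a bit list with a seeded RNG; returns the decrypted bits."""
    rng = random.Random(seed)
    pk, sk = keygen(rng)
    return [decrypt(sk, encrypt(pk, bit, rng)) for bit in bits]


if __name__ == "__main__":
    msg = [0, 1, 1, 0, 1, 0, 0, 1]   # constructed sample plaintext
    print("worst-case noise", worst_case_noise(), "< q/4 =", Q // 4)
    print("roundtrip ok:", roundtrip(msg, seed=7) == msg)
```

The correctness margin is the design knob: with these values the worst-case noise is 768 against a decoding threshold of 832, so decryption never fails. Shrinking Q or raising M or ERR_BOUND past that threshold produces decryption errors, which is exactly the trade-off a real parameter choice (and the paper's IND-CCA2 construction built on top of it) has to balance.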
LU Xiuhua, WEN Qiaoyan, WANG Licheng, DU Jiao. A Lattice-based Signcryption Scheme Without Trapdoors[J]. Journal of Electronics & Information Technology (JEIT), 2016, 38(9): 2287-2293.