Abstract: identity-based signature has become an important technique for lightweight authentication as soon as it was proposed in 1984. Thereafter, identity-based signature schemes based on the integer factorization problem and discrete logarithm problem were proposed one after another. Nevertheless, the rapid development of quantum computers makes them insecure. Recently, many efforts have been made to construct identity-based signatures over lattice assumptions against attacks in the quantum era. However, their efficiency is not very satisfactory. In this study, an efficient identity-based signature scheme is presented over the number theory research unit (NTRU) lattice assumption. The new scheme is more efficient than other lattice- and identity-based signature schemes. The new scheme proves to be unforgeable against the adaptively chosen message attack in the random oracle model under the hardness of the γ-shortest vector problem on the NTRU lattice.

NTRU格上基于身份签名的高效方案

[1]Babai, L., 1986. On Lovász’ lattice reduction and the nearest lattice point problem. Combinatorica, 6(1):1-13.

[2]Barreto, P.S.L.M., Libert, B., McCullagh, N., et al., 2005. Efficient and provably-secure identity-based signatures and signcryption from bilinear maps. 11th Int. Conf. on the Theory and Application of Cryptology and Information Security, p.515-532.

[3]Bernstein, D.J., 2009. Introduction to post-quantum cryptography. In: Bernstein, D.J., Buchmann, J., Dahmen, E. (Eds.), Post-Quantum Cryptography. Springer-Verlag, Berlin, p.1-14.

[4]Boneh, D., Franklin, M., 2001. Identity based encryption from the Weil pairing. 21st Annual Int. Cryptology Conf., p.213-229.

[5]Desmedt, Y., Quisquater, J.J., 1987. Public-key systems based on the difficulty of tampering (Is there a difference between DES and RSA?). LNCS, 263:111-117.

[6]Ducas, L., Lyubashevsky, V., Prest, T., 2014. Efficient identity-based encryption over NTRU lattice. 20th Int. Conf. on the Theory and Application of Cryptology and Information Security, p.22-41.

[7]Gentry, C., Peikert, C., Vaikuntanathan, V., 2008. Trapdoors for hard lattices and new cryptographic constructions. 40th Annual ACM Symp. on Theory of Computing, p.197-206.

[8]Hess, F., 2003. Efficient identity based signature schemes based on pairings. 9th Annual Int. Workshop on Selected Areas in Cryptography, p.310-324.

[9]Krenn, M., Huber, M., Fickler, R., et al., 2014. Generation and confirmation of a (100×100)-dimensional entangled quantum system. PNAS, 111(17):6243-6247.

[10]Li, F.G., Muhaya, F.T.B., Khan, M.K., et al., 2012. Lattice-based signcryption. Concurr. Comput. Pract. Exp., 25(14):2112-2122.

[11]Liu, Z.H., Hu, Y.P., Zhang, X.S., et al., 2013. Efficient and strongly unforgeable identity-based signature scheme from lattices in the standard model. Secur. Commun. Network., 6(1):69-77.

[12]Lyubashevsky, V., 2012. Lattice signatures without trapdoors. 31st Annual Int. Conf. on the Theory and Applications of Cryptographic Techniques, p.738-755.

[13]Maurer, U.M., Yacobi, Y., 1991. Non-interactive public-key cryptography. Workshop on the Theory and Application of Cryptographic Techniques, p.498-507.

[14]Micciancio, D., Regev, O., 2009. Lattice-based cryptography. In: Bernstein, D.J., Buchmann, J., Dahmen, E. (Eds.), Post-Quantum Cryptography. Springer-Verlag, Berlin, p.147-191.

[15]Nguyen, P.Q., Regev, O., 2006. Learning a parallelepiped: cryptanalysis of GGH and NTRU signatures. 24th Annual Int. Conf. on the Theory and Applications of Cryptographic Techniques, p.271-288.

[16]Paterson, K.G., Schuldt, J.C.N., 2006. Efficient identity-based signatures secure in the standard model. 11th Australasian Conf. on Information Security and Privacy, p.207-222.

[17]Rückert, M., 2010. Strongly unforgeable signatures and hierarchical identity-based signatures from lattices without random oracles. Proc. 3rd Int. Workshop on PQCrypto, p.182-200.

[18]Shamir, A., 1984. Identity-based cryptosystems and signature schemes. Proc. CRYPTO, p.47-53.

[19]Shor, P.W., 1997. Polynomial-time algorithms for prime factorization and discrete logarithms on a quantum computer. SIAM J. Comput., 26(5):1484-1509.

[20]Stehlé, D., Steinfeld, R., 2013. Making NTRUEncrypt and NTRUSign as secure as standard worst-case problems over ideal lattices. Cryptology ePrint Archive 2013/004. Available from http://eprint.iacr.org/2013/004.

[21]Tanaka, H., 1987. A realization scheme for the identity-based cryptosystem. CRYPTO, p.341-349.

[22]Tian, M.M., Huang, L.S., 2014. Efficient identity-based signature from lattices. Proc. 29th IFIP TC 11 Int. Conf., p.321-329.

[23]Tian, M.M., Huang, L.S., Yang, W., 2013. Efficient hierachical identity-based signatures from lattices. Int. J. Electron. Secur. Dig. Forens., 5(1):1-10.

[24]Tsuji, S., Itoh, T., 1989. An ID-based cryptosystem based on the discrete logarithm problem. IEEE J. Sel. Areas Commun., 7(4):467-473.