2018
DOI: 10.1016/j.tcs.2018.03.027
|View full text |Cite
|
Sign up to set email alerts
|

A lattice-based group signature scheme with verifier-local revocation

Abstract: Abstract. Support of membership revocation is a desirable functionality for any group signature scheme. Among the known revocation approaches, verifier-local revocation (VLR) seems to be the most flexible one, because it only requires the verifiers to possess some up-to-date revocation information, but not the signers. All of the contemporary VLR group signatures operate in the bilinear map setting, and all of them will be insecure once quantum computers become a reality. In this work, we introduce the first l… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
4
1

Citation Types

0
12
0

Year Published

2019
2019
2022
2022

Publication Types

Select...
4
3

Relationship

1
6

Authors

Journals

citations
Cited by 26 publications
(12 citation statements)
references
References 36 publications
0
12
0
Order By: Relevance
“…Meanwhile, this trading system can only ensure data integrity (signature) of messages but cannot provide confidentiality protection because messages between two edge nodes are plain to all permissioned nodes without any encryption. Furthermore, the issue of key revocation [ 22 , 23 ] is quite complicated and is not considered in such a large-scale decentralised system [ 24 ].…”
Section: Related Workmentioning
confidence: 99%
“…Meanwhile, this trading system can only ensure data integrity (signature) of messages but cannot provide confidentiality protection because messages between two edge nodes are plain to all permissioned nodes without any encryption. Furthermore, the issue of key revocation [ 22 , 23 ] is quite complicated and is not considered in such a large-scale decentralised system [ 24 ].…”
Section: Related Workmentioning
confidence: 99%
“…At PKC 2014, Langiois et al [10] introduced the first GS over lattices to support membership revocation with verifier-local revocation (VLR) mechanism. Because of an improper design, there is a flaw of [10], this mistake is completely fixed, and a secure scheme [11] was provided. As an orthogonal problem of membership revocation, enrollment is also noteworthy, and this problem was first resolved by Libert et al [12].…”
Section: Introductionmentioning
confidence: 99%
“…Membership revocation is also noteworthy for GS, and the VLR mechanism is the most flexible choice in the mobile network that allows anonymous authentication. After the first GS-VLR over lattices was given by Langlois et al [10], some new constructions are proposed [11,16,17]. However, all schemes are within Bonsai trees [18] and featuring bitsizes of group public-key and member secret signing key proportional to log N; therefore, these schemes are not suitable for certain large group, the only two exceptions [19,20].…”
Section: Introductionmentioning
confidence: 99%
See 1 more Smart Citation
“…Nevertheless, regarding the supports of advanced functionalities, lattice-based group signatures are still way behind their number-theoretic-based counterparts. Indeed, there have been known only a few lattice-based schemes [32,31,28,35,36] that depart from the BMW model [2] -which deals solely with static groups and which may be too inflexible to be considered for a wide range of real-life applications. In particular, although there was an attempt [31] to restrict the power of the OA in the MDO sense, the problem of making the OA accountable in the context of lattice-based group signatures is still open.…”
Section: Introductionmentioning
confidence: 99%