2013
DOI: 10.1007/978-3-642-42045-0_3
|View full text |Cite
|
Sign up to set email alerts
|

Lattice-Based Group Signatures with Logarithmic Signature Size

Abstract: Abstract. Group signatures are cryptographic primitives where users can anonymously sign messages in the name of a population they belong to. Gordon et al. (Asiacrypt 2010) suggested the first realization of group signatures based on lattice assumptions in the random oracle model. A significant drawback of their scheme is its linear signature size in the cardinality N of the group. A recent extension proposed by Camenisch et al. (SCN 2012) suffers from the same overhead. In this paper, we describe the first … Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
4
1

Citation Types

2
99
0

Year Published

2016
2016
2019
2019

Publication Types

Select...
5
2

Relationship

0
7

Authors

Journals

citations
Cited by 113 publications
(101 citation statements)
references
References 40 publications
(111 reference statements)
2
99
0
Order By: Relevance
“…Efficiency: For a security parameter n and for a group of N members, the group public key and the signature have bit-sizes O(n 2 ) · log N and O(n) · log N , respectively. This result is comparable to that of [22], and is a noticeable improvement over those of [19] and [13]. 4.…”
Section: Introductionsupporting
confidence: 64%
See 3 more Smart Citations
“…Efficiency: For a security parameter n and for a group of N members, the group public key and the signature have bit-sizes O(n 2 ) · log N and O(n) · log N , respectively. This result is comparable to that of [22], and is a noticeable improvement over those of [19] and [13]. 4.…”
Section: Introductionsupporting
confidence: 64%
“…In particular, we introduce the first group signature with verifier-local revocation from lattice assumptions, and thus, the first such scheme that is believed to be quantum-resistant. In comparison with known lattice-based group signatures, while the schemes from [19], [13] and [22] follow the CPA-anonymity and CCA-anonymity notions from [8,5], our construction satisfies the (weaker) notion of selfless-anonymity for VLR group signatures from [9]. Nevertheless, our scheme has several remarkable advantages over the contemporary counterparts: 1.…”
Section: Introductionmentioning
confidence: 95%
See 2 more Smart Citations
“…In particular, the Groth scheme applies efficient zero-knowledge proofs for bilinear groups, which are known as Groth-Sahai proofs [26]. In addition to these schemes, lattice-based constructions were proposed [24,33,32,13].…”
Section: Related Workmentioning
confidence: 99%