Short Identity-Based Signatures with Tight Security from Lattices
Peer reviewed, Journal article
Accepted version
Permanent lenke
https://hdl.handle.net/11250/3112234Utgivelsesdato
2021Metadata
Vis full innførselSamlinger
- Institutt for matematiske fag [2606]
- Publikasjoner fra CRIStin - NTNU [40058]
Originalversjon
Lecture Notes in Computer Science (LNCS). 2021, 12841 360-379. 10.1007/978-3-030-81293-5_19Sammendrag
We construct a short and adaptively secure identity-based signature scheme tightly based on the well-known Short Integer Solution (SIS) assumption. Although identity-based signature schemes can be tightly constructed from either standard signature schemes against adaptive corruptions in the multi-user setting or a two-level hierarchical identity-based encryption scheme, neither of them is known with short signature size and tight security based on the SIS assumption. Here “short” means the signature size is independent of the message length, which is in contrast to the tree-based (tight) signatures.
Our approach consists of two steps: Firstly, we give two generic transformations (one with random oracles and the other without) from non-adaptively secure identity-based signature schemes to adaptively secure ones tightly. Our idea extends the similar transformation for digital signature schemes. Secondly, we construct a non-adaptively secure identity-based signature scheme based on the SIS assumption in the random oracle model.