Computer Science, 2025, Vol. 52, Issue (9): 396-404. doi: 10.11896/jsjkx.240700126

• Information Security •

Identity-based Linkable Ring Signcryption on NTRU Lattice

TANG Jiayi1, HUANG Xiaofang1, WANG Licheng2, ODOOM J1

  1. 1 Department of Computer Science and Technology, Southwest University of Science and Technology, Mianyang, Sichuan 621010, China
    2 Department of Cyberspace Security, Beijing Institute of Technology, Beijing 100081, China
  • Received: 2024-07-22 Revised: 2024-10-15 Online: 2025-09-15 Published: 2025-09-11
  • Corresponding author: HUANG Xiaofang (xf.swust@qq.com)
  • About author: (370650487@qq.com)
    TANG Jiayi, born in 2000, postgraduate, is a member of CCF (No. N8847G). Her main research interests include blockchain and cryptography.
    HUANG Xiaofang, born in 1977, professor, Ph.D, postgraduate supervisor, is a member of CCF (No. N1566S). Her main research interests include blockchain and cryptography.
  • Supported by:
    National Key Research and Development Program of China (2022YFB2702700), Key Research and Development Projects of the Technology Department of Sichuan Province, China (2022YFG0321) and Natural Science Foundation of Sichuan Province, China (2022NSFSC0916).

Abstract: Although current lattice-based ring signcryption schemes resist quantum attacks, their key storage and encryption/decryption time overheads remain large. A linkable lattice-based ring signcryption scheme not only protects the signer's anonymity but also determines whether two signatures were generated by the same signer. Therefore, based on the compact Gaussian sampling algorithm and the rejection sampling technique, an identity-based linkable ring signcryption scheme is constructed on the NTRU lattice. First, the system master key is generated using the trapdoor generation algorithm on the NTRU lattice. Then the private keys of ring members are obtained with the compact Gaussian sampling algorithm. Finally, the user signature is generated using rejection sampling, and a key encapsulation mechanism encrypts the signature. A security proof in the random oracle model (ROM) shows that, under the hardness of the DRLWE and NTRU small integer solution problems, the scheme achieves confidentiality, unforgeability, unconditional anonymity, and linkability. Performance analysis shows that, compared with lattice-based ring signcryption schemes and linkable ring signature schemes on NTRU, the proposed scheme has a smaller public key and lower encryption/decryption cost, greatly improving efficiency.

Key words: NTRU lattice, Linkable ring signcryption, Identity-based cryptography, Small integer solution, Rejection sampling technology

CLC Number: 

  • TP309.7