## Cryptology ePrint Archive: Report 2018/034

Constant-size Group Signatures from Lattices

San Ling and Khoa Nguyen and Huaxiong Wang and Yanhong Xu

Abstract: Lattice-based group signature is an active research topic in recent years. Since the pioneering work by Gordon, Katz and Vaikuntanathan (Asiacrypt 2010), ten other schemes have been proposed, providing various improvements in terms of security, efficiency and functionality. However, in all known constructions, one has to fix the number $N$ of group users in the setup stage, and as a consequence, the signature sizes are dependent on $N$.

In this work, we introduce the first constant-size group signature from lattices, which means that the size of signatures produced by the scheme is independent of $N$ and only depends on the security parameter $\lambda$. More precisely, in our scheme, the sizes of signatures, public key and users' secret keys are all of order $\widetilde{\mathcal{O}}(\lambda)$. The scheme supports dynamic enrollment of users and is proven secure in the random oracle model under the Ring Short Integer Solution (RSIS) and Ring Learning With Errors (RLWE) assumptions. At the heart of our design is a zero-knowledge argument of knowledge of a valid message-signature pair for the Ducas-Micciancio signature scheme (Crypto 2014), that may be of independent interest.

Category / Keywords: lattice-based cryptography, constant-size group signatures, zero-knowledge proofs, Ducas-Micciancio signature

Original Publication (with minor differences): IACR-PKC-2018

Date: received 7 Jan 2018, last revised 8 Jan 2018

Contact author: xu0014ng at ntu edu sg

Available format(s): PDF | BibTeX Citation

Short URL: ia.cr/2018/034

[ Cryptology ePrint archive ]