Paper 2021/970

Short Identity-Based Signatures with Tight Security from Lattices

Jiaxin Pan and Benedikt Wagner


We construct a short and adaptively secure identity-based signature scheme tightly based on the well-known Short Integer Solution (SIS) assumption. Although identity-based signature schemes can be tightly constructed from either standard signature schemes against adaptive corruptions in the multi-user setting or a two-level hierarchical identity-based encryption scheme, neither of them is known with short signature size and tight security based on the SIS assumption. Here ``short'' means the signature size is independent of the message length, which is in contrast to the tree-based (tight) signatures. Our approach consists of two steps: Firstly, we give two generic transformations (one with random oracles and the other without) from non-adaptively secure identity-based signature schemes to adaptively secure ones tightly. Our idea extends the similar transformation for digital signature schemes. Secondly, we construct a non-adaptively secure identity-based signature scheme based on the SIS assumption in the random oracle model.

Available format(s)
Public-key cryptography
Publication info
Published elsewhere. MINOR revision.PQCrypto 2021
Identity-based signaturestight securityshort integer solution assumptionlattices
Contact author(s)
jiaxin pan @ ntnu no
udpto @ student kit edu
2021-12-03: last of 2 revisions
2021-07-22: received
See all versions
Short URL
Creative Commons Attribution


      author = {Jiaxin Pan and Benedikt Wagner},
      title = {Short Identity-Based Signatures with Tight Security from Lattices},
      howpublished = {Cryptology ePrint Archive, Paper 2021/970},
      year = {2021},
      doi = {10.1007/978-3-030-81293-5_19},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.