# American Institute of Mathematical Sciences

doi: 10.3934/amc.2020027

## Group signature from lattices preserving forward security in dynamic setting

 Department of Mathematics, Indian Institute of Technology Kharagpur, Kharagpur-721302, India

* Corresponding author: Meenakshi Kansal

Received  October 2018 Revised  March 2019 Published  September 2019

We propose the first lattice-based dynamic group signature scheme achieving forward security. Our scheme is proven to be secure against framing attack, misidentification attack and preserves anonymity under the learning with errors (${\mathsf{LWE}}$) and short integer solution (${\mathsf{SIS}}$) assumptions in the random oracle model. More interestingly, our setting allows the group manager to generate distinct certificates to distinct users which can be updated by the users themselves without any interaction with the group manager. Furthermore, our scheme is dynamic where signing key of a user is not fixed during the setup and is issued only at the joining time of the user.

Citation: Meenakshi Kansal, Ratna Dutta, Sourav Mukhopadhyay. Group signature from lattices preserving forward security in dynamic setting. Advances in Mathematics of Communications, doi: 10.3934/amc.2020027
##### References:

show all references

##### References:
Node Labeling
Comparative summary of lattice based group signature schemes
 Scheme Forward secure Dynamic Signature size Public key size Certificate size Signer's SK size [8] No No $N\cdot \tilde{\mathcal{O}}(n^2)$ $N\cdot \tilde{\mathcal{O}}(n^2)$ - $\tilde{\mathcal{O}}(n^2)$ [5] No No $N\cdot \tilde{\mathcal{O}}(n^2)$ $N\cdot \tilde{\mathcal{O}}(n^2)$ - $\tilde{\mathcal{O}}(n^2)$ [10] No No $\log N \cdot \tilde{\mathcal{O}}(n)$ $\log N \cdot \tilde{\mathcal{O}}(n^2)$ - $\tilde{\mathcal{O}}(n^2)$ [14] No No $\log N \cdot \tilde{\mathcal{O}}(n)$ $\log N \cdot \tilde{\mathcal{O}}(n^2)$ - $\tilde{\mathcal{O}}(n)$ [11] No Yes $\log N \cdot \tilde{\mathcal{O}}(n)$ $\log N \cdot \tilde{\mathcal{O}}(n^2)$ $\log N \cdot \mathcal{O}(n)$ $\tilde{\mathcal{O}}(n)$ [15] Yes No $\log N \cdot \tilde{\mathcal{O}}(n)$ $\log N \cdot \tilde{\mathcal{O}}(n^2)$ - $\log N \; \tilde{\mathcal{O}}(n^2)$ Ours Yes Yes $\log N\; \tilde{\mathcal{O}}(n^3)$ $\log N \cdot \tilde{\mathcal{O}}(n^2)$ $\log N \; \tilde{\mathcal{O}}(n^2)$ $\tilde{\mathcal{O}}(n)$
 Scheme Forward secure Dynamic Signature size Public key size Certificate size Signer's SK size [8] No No $N\cdot \tilde{\mathcal{O}}(n^2)$ $N\cdot \tilde{\mathcal{O}}(n^2)$ - $\tilde{\mathcal{O}}(n^2)$ [5] No No $N\cdot \tilde{\mathcal{O}}(n^2)$ $N\cdot \tilde{\mathcal{O}}(n^2)$ - $\tilde{\mathcal{O}}(n^2)$ [10] No No $\log N \cdot \tilde{\mathcal{O}}(n)$ $\log N \cdot \tilde{\mathcal{O}}(n^2)$ - $\tilde{\mathcal{O}}(n^2)$ [14] No No $\log N \cdot \tilde{\mathcal{O}}(n)$ $\log N \cdot \tilde{\mathcal{O}}(n^2)$ - $\tilde{\mathcal{O}}(n)$ [11] No Yes $\log N \cdot \tilde{\mathcal{O}}(n)$ $\log N \cdot \tilde{\mathcal{O}}(n^2)$ $\log N \cdot \mathcal{O}(n)$ $\tilde{\mathcal{O}}(n)$ [15] Yes No $\log N \cdot \tilde{\mathcal{O}}(n)$ $\log N \cdot \tilde{\mathcal{O}}(n^2)$ - $\log N \; \tilde{\mathcal{O}}(n^2)$ Ours Yes Yes $\log N\; \tilde{\mathcal{O}}(n^3)$ $\log N \cdot \tilde{\mathcal{O}}(n^2)$ $\log N \; \tilde{\mathcal{O}}(n^2)$ $\tilde{\mathcal{O}}(n)$

2018 Impact Factor: 0.879