IET Information Security (Jul 2021)
Lattice‐based nominative signature using pseudorandom function
Abstract
Abstract A nominative signature (NS) is a cryptographic primitive where two parties collude to produce a signature. It is a user certification system and has applications in a variety of sectors where nominee cannot trust heavily on the nominator to validate the nominee's certificate and only targeted entities are allowed to verify the signature on sensitive data. A new construction for NS from standard assumptions on lattice is provided. The authors’ construction relies on collision‐resistant preimage sampleable function and symmetric key primitives like collision‐resistant pseudorandom function and zero knowledge proof system ZKB++ for Boolean circuits. The authors provide detailed security analysis and show that their construction achieves security under unforgeability, invisibility, impersonation, and non‐repudiation in the existing model. Furthermore, our construction exhibits non‐transferability. The security under non‐repudiation is achieved in the quantum random oracle model using Unruh transform to ZKB++.
Keywords