A certificateless ring signature scheme based on lattice

Abstract

For the problems that ring signature needs key escrow, has some security risks, and cannot avoid malicious key generation center (KGC) in the post‐quantum era, we design a certificateless ring signature scheme based on lattice (L‐CRSS). In our scheme, the bimodal Gaussian distribution is used to improve the security and efficiency. Compared with the previous ring signature scheme based on lattice, our design does not need key escrow, does not disclose the signer's identity, can avoid malicious KGC, achieves the constant signature size, and has higher security and efficiency in the post‐quantum era. Finally, under random oracle model (ROM), we prove that our scheme is anonymous against the full‐key exposure, and existentially unforgeable against adaptive chosen message attacks (EUF‐CMA).