Group signatures and more from isogenies and lattices: generic, simple, and efficient (Q6041582): Difference between revisions

This is an extended version of the publication [\textit{W. Beullens} et al., Lect. Notes Comput. Sci. 13276, 95--126 (2022; Zbl 1497.94135)]. Here, an efficient accountable generic accountable post-quantum ring signature construction based on isogeny (0-reserving morphism between elliptic curves over a prime field with characteristic \(p \geqslant 5\)) and specially constructed lattices is presented and correctness and security of the proposed signature is proved. It is shown, that the construction satisfies the ideal security properties from [\textit{J. Bootle} et al., Lect. Notes Comput. Sci. 9696, 117--136 (2016; Zbl 1346.94141)], e.g. the group members are not fixed on setup but can be added and revoked dynamically, anonymity holds even in the presence of an adversary that sees the signing keys of all honest users and arbitrary collusion among members even with the help of a corrupted group manager cannot falsely open a signature. The main advantage of the presented construction is the small size of obtained signatures (e.g. 6.6 KB for a group with 64 members), an order of magnitude smaller than all previously known post-quantum group signatures. The results are compared with those from two other isogeny-based signature constructs [\textit{K.-M. Chung} et al., ``Isogeny-based group signatures and accountable ring signatures in QROM'', Preprint, \url{arXiv:2110.04795}; \textit{Y.-F. Lai} and \textit{S. Dobson}, ``Collusion resistant revocable ring signatures and group signatures from hard homogeneous spaces'', Preprint, \url{https://ia.cr/2021/1365}]).