The blind signature scheme in the random oracle model relies on the random oracle assumption. The scheme is proven to be secure in theory, but it may not be secure in practice. This paper constructs an identity-based blind signature scheme with lattice in the standard model. A short basis delegation algorithm is introduced to generate the private key. The signature of the message is generated by the forward sampling algorithm proposed by Gentry et al. Under the standard hardness assumption of the small integer solutions problem (SIS), the new scheme is proven to be one-more unforgeable based on Juels and Pointcheval's security model in the standard model. The comparison results show that the key length and signature length are shorter, and the efficiency is higher.%随机预言模型下的盲签名方案都依赖于随机预言假设,即使方案被证明安全,在实际应用时未必安全.构造了一个标准模型下格上基于身份的盲签名方案.该方案中引入一个短格基派生算法,根据用户的身份产生对应的私钥,并利用Gentry等人提出的原像抽样陷门单向函数产生消息的签名.在标准模型下依据Juels和Pointcheval等人提出的安全模型,基于小整数解问题(small integer solutions,SIS)的困难性,证明了该方案满足one-more不可伪造性.分析表明,与同类方案相比,该方案密钥长度和签名长度有所减小,效率更高.
展开▼
