An Improved Group Signature Scheme with VLR over Lattices
For group signatures (GS) supporting membership revocation, verifier-local revocation (VLR) mechanism is the most flexible choice. As a post-quantum secure cryptographic counterpart of classical schemes, the first dynamic GS-VLR scheme over lattices was put forward by Langlois et al. at PKC 2014; furthermore, a corrected version was shown at TCS 2018. However, both designs are within Bonsai trees and featuring bit-sizes of group public-key and member secret signing key proportional to log N where N is the group size; therefore, both schemes are not suitable for a large group. In this paper, we provide an improved dynamic GS-VLR over lattices, which is efficient by eliminating a O log N factor for both sizes. To realize the goal, we adopt a more efficient and compact identity-encoding technique. At the heart of our new construction is a new Stern-type statistical zero-knowledge argument of knowledge protocol which may be of some independent cryptographic interest.