A standard digital signature is considered to be publicly verifiable,however,in an application with the special privacy protection requirement,it needs that a confidential message signed by the signer cannot be transmitted again by a dishonest designated verifier.Compared with numerous digital signature primitives with non-transferability,Chameleon Signature(CS)solves this problem more subtly by embedding a chameleon hash function into the signing algorithm.To solve the problem that all CS schemes based on the traditional number theory problems cannot resist quantum computing attacks,a new CS scheme based on the Small Integer Solution(SIS)hardness assumption over lattices is proposed.Firstly,this paper analyzes the vulnerabilities of the first CS scheme over lattices,and points out that it does not satisfy the unforgeability for any third party and the deniability for the signer;Secondly,this paper designs a new CS scheme based on the SIS problem over lattices,and proves its security strictly under the random oracle model;Finally,the comparison shows that the new CS scheme enjoys a lighter signature storage and transmission efficiency.
万方数据
维普
