软件学报 ISSN 1000-9825, CODEN RUXUEW                                        E-mail: jos@iscas.ac.cn
                 2025,36(10):4444−4460 [doi: 10.13328/j.cnki.jos.007390] [CSTR: 32375.14.jos.007390]  http://www.jos.org.cn
                 ©中国科学院软件研究所版权所有.                                                          Tel: +86-10-62562563



                                                                               *
                 具有用户自主链接及验证者条件撤销的格基群签名

                 陈    颖,    何德彪,    彭    聪,    罗    敏


                 (空天信息安全与可信计算教育部重点实验室           (武汉大学), 湖北 武汉 430072)
                 通信作者: 何德彪, E-mail: hedebiao@163.com

                 摘 要: 群签名作为一种隐私保护的重要技术, 为用户匿名性提供良好的保障. 然而, 普通群签名方案存在可追溯
                 签名者身份的群管理员, 与区块链去中心化的特性相悖, 难以满足对于隐私性要求更严格的应用场景. 结合防双重
                 认证签名技术, 提出一种具有用户自主链接及验证者条件撤销的群签名, 较好地实现了用户隐私与平台管理之间
                 的平衡, 并给出了格上实例化方案. 通过随机谕言机模型下的安全性分析, 方案满足无私匿名性、可追溯性和不可
                 诽谤性. 通过性能分析, 方案的时间开销和通信开销均在可接受范围内. 最后, 设计了一种基于区块链的后量子安
                 全医疗数据共享条件隐私保护系统, 给出方案的具体应用实例.
                 关键词: 群签名; 后量子密码; 区块链; 条件隐私保护; 格密码
                 中图法分类号: TP309

                 中文引用格式: 陈颖, 何德彪, 彭聪, 罗敏. 具有用户自主链接及验证者条件撤销的格基群签名. 软件学报, 2025, 36(10): 4444–4460.
                 http://www.jos.org.cn/1000-9825/7390.htm
                 英文引用格式: Chen  Y,  He  DB,  Peng  C,  Luo  M.  Lattice-based  Group  Signatures  with  User-controlled  Linkability  and  Verifier
                 Conditional Revocation. Ruan Jian Xue Bao/Journal of Software, 2025, 36(10): 4444–4460 (in Chinese). http://www.jos.org.cn/1000-
                 9825/7390.htm

                 Lattice-based Group Signatures with User-controlled Linkability and Verifier Conditional
                 Revocation
                 CHEN Ying, HE De-Biao, PENG Cong, LUO Min
                 (Key Laboratory of Aerospace Information Security and Trusted Computing (Wuhan University), Wuhan 430072, China)
                 Abstract:  Recognized  as  a  crucial  privacy-protecting  technology,  group  signatures  provide  robust  anonymity  assurances  for  users.
                 However,  conventional  group  signature  schemes  often  rely  on  group  managers  capable  of  revealing  the  identities  of  signers,  a  feature  that
                 contradicts  the  decentralized  nature  of  blockchain  and  fails  to  meet  stricter  privacy  demands  in  certain  applications.  To  address  these
                 limitations,  this  study  introduces  a  group  signature  scheme  with  user-controlled  linkability  and  verifier  conditional  revocation,  inspired  by
                 double-authentication-preventing signatures and existing linkable and revocable group signatures. The proposed scheme achieves an optimal
                 balance  between  user  privacy  and  platform  oversight,  with  a  concrete  instantiation  constructed  on  lattices.  Under  the  random  oracle  model,
                 the  scheme  is  demonstrated  to  satisfy  the  properties  of  selfless  anonymity,  traceability,  and  non-frameability.  Performance  evaluations
                 indicate  that  both  time  and  communication  costs  remain  within  acceptable  limits,  ensuring  feasibility  for  practical  deployment.  In  addition,
                 a  post-quantum  secure  medical  data  sharing  system  has  been  designed,  integrating  the  proposed  group  signature  scheme  with  blockchain
                 technology.
                 Key words:  group signature; post-quantum cryptography; blockchain; conditional privacy protection; lattice



                 *    基金项目: 国家重点研发计划 (2022YFB4400700); 国家自然科学基金 (62325209, 62172307, U23A20302); 中央高校基本科研业务费专
                  项资金 (2042023KF0203, 2042024kf1013, 2042024kf0002)
                  本文由“抗量子密码与区块链应用”专题特约编辑翁健教授、祝烈煌教授、赵运磊教授推荐.
                  收稿时间: 2024-06-30; 修改时间: 2024-09-05; 采用时间: 2024-12-30; jos 在线出版时间: 2025-01-20
                  CNKI 网络首发时间: 2025-08-12