随机预言机模型下基于身份的格基可链接环签名OA北大核心CSTPCD

As a simplified group signature,ring signature has no administrator and does not require cooperation among ring members.The signer only needs his private key and the public keys of other ring members to sign.Be-cause of its natural anonymity,ring signature is widely used in scenarios such as anonymous voting,e-cash and ve-hicular ad-hoc network.As a variant of the ring signature concept,linkable ring signature can verify whether two signatures come from the same signer while maintaining anonymity,thus effectively solving malicious reporting in the reporting system and double spending in the blockchain system,further enriching the application scenarios of ring signature.This paper proposes an identity-based linkable ring signature scheme from lattice,which uses G-trapdoor generation technology to generate the system key,uses its improved trapdoor delegation technology and the preim-age sampling algorithm to extract the user's private key,and uses the rejection sampling technology under bimodal Gaussian to generate the signature.Through security analysis,the proposed scheme meets unconditional anonymity,unforgeability and linkability in random oracle model,and the security can be reduced to the hardness assumption of the small integer solution problem(short integer solution,SIS)on lattice.Compared with existing schemes,both sig-nature generation time overhead and verification time overhead are reduced by about 50%.Finally,the e-voting pro-tocol is designed by combining the scheme of this paper with a secret sharing algorithm based on XOR operation,which ensures the privacy and fairness of the e-voting system.