前向安全的格上基于身份签密方案

针对目前基于格的签密方案尚不能满足前向安全性，提出一个具有前向安全的基于身份的签密方案。首先，该方案利用格基授权算法对用户和发送者的公私钥对进行更新；其次，结合基于格上错误学习问题的原像采样算法进行用户签名，并利用包含签名信息的哈希值对消息进行加密。在随机预言机模型下，证明该方案是适应性选择身份和选择密文攻击安全（IND-sID-CCA2）和强不可伪造选择消息攻击安全（sUF-CMA）的，同时证明了该方案具有前向安全性。相对于基于配对的签密方案，所提方案在计算速度和密文扩展率的优势都较为明显。

Forward secure identity-based signcryption from lattice

To solve the problem that current signcryption schemes based on lattice cannot achieve forward security, a new identity-based signcryption scheme with forward security was proposed. Firstly, lattice basis delegation algorithm was used to update the users' public keys and private keys. Then, the preimage sampleable functions based on Learning With Errors (LWE) over lattice was used to sign the message,and the signature was also used to encrypt the message. The scheme was proved to be adaptive INDistinguishiability selective IDentity and Chosen-Ciphertext Attack (IND-sID-CCA2) secure, strong UnForgeable Chosen-Message Attack (sUF-CMA) secure and forward secure. Compared with the signcryption schemes based on pairings, the proposed scheme has more advantages in computational efficiency and ciphertext extension rate.