A proxy signature scheme is an important cryptographic primitive, because it lets an entity delegate his signing right to another entity. Although identity-based proxy signature schemes based on conventional number-theoretic problems have been proposed for a long time, researchers have paid less attention to lattice-based proxy signature schemes that can resist quantum attacks. In this paper, we first propose an identity-based proxy signature scheme over the Number Theory Research Unit (NTRU) lattice. We prove that the proposed paradigm is secure under the hardness of the -shortest vector problem on the NTRU lattice in the random oracle model; furthermore, a comparison with some existing schemes shows that our scheme is more efficient in terms of proxy signature secret key size, proxy signature size, and computation complexity. As the underlying problem of the proposed scheme is difficult even in the quantum computation model, our scheme can work well in the quantum age.
KEYWORDS
identity-based, NTRU lattice, proxy signature, quantum computation

Proxy signature, proposed by Mambo, Usuda, and Okamoto, [1] is a significant cryptographic scheme that is widely used in different situations, such as cloud computing, e-commerce, and electronic election. Proxy signature can guarantee the security of signature commission: the original signer entrusts his right to the proxy signer, the proxy signer signs the message instead of the original signer, and even the proxy signer cannot forge the user's signature. Researchers have proposed many effective proxy signature schemes based on large prime factorization and discrete logarithm problems. [2][3][4] However, these categories of schemes are not safe over the long term, because both problems can be solved in polynomial time in the quantum computation model. [5] In order to reduce the threat from the quantum computer, many researchers have turned their attention to post-quantum cryptography and proposed some effective proxy signature schemes based on hash, multivariate public key cryptosystems (MPKC), and lattice. [6][7][8][9] As a typical representative of post-quantum cryptography, lattice-based signature schemes occupy a position of particular interest, because they rely on well-studied problems and come with uniquely strong security guarantees. [10] Many organizations and researchers are committed to designing effective lattice-based signature schemes to replace Rivest-Shamir-Adleman (RSA) and elliptic curve cryptography (ECC)-based schemes, and results show that properly optimized lattice-based proxy signature schemes may compete with or even outperform these schemes based on conventional number-theoretic problems. Gentry et al [11] proposed a provably secure lattice-based signature scheme in 2008. Since then, many researchers have proposed lattice-based proxy signature schemes by using the preimage sampling technique, which costs a lot of time and resources.
Jiang et al [12] constructed lattice-based proxy signature schemes by using bonsai tree

Int J Commun Syst. 2019;32:e3867.wileyon...