Abstract
Enhanced Privacy ID (EPID) signatures can be viewed as a direct anonymous attestation mechanism with expanded revocation capabilities. When the device’s private key is unknown, the revocation manager can revoke a device based on its signatures. Making these systems post-quantum secure is of great importance due to its widespread application in real-world systems. Boneh et al. first propose two post-quantum EPID signature schemes based on symmetric primitives only. In this work, we propose an EPID signature scheme based on la ttices. To the best of our knowledge, our EPID signature scheme based on lattices is the first strong post-quantum variant of EPID signature scheme which achieves security based on the hardness of standard short integer solution (SIS) problem. Our construction employs an updatable Merkle tree accumulator which provides us the flexibility that our EPID signature scheme supports dynamically joining or revoking of any group members at any time. We provide an estimated efficiency comparison of our EPID signature with the existing similar schemes and we observe that our scheme is comparable with the existing schemes despite the usage of strong post-quantum variant and enjoying post-quantum security.
