A Certificateless Linearly Homomorphic Signature Scheme Based on Lattice for Network Coding

Homomorphic signature is an extremely important public key authentication technique for network coding to defend against pollution attacks. However, there are many problems with previous homomorphic signature schemes which require key escrow, cannot resist malicious key generation center (KGC), and are insecure in the post-quantum era. Therefore, we propose a lattice-based certificateless linearly homomorphic signature scheme. In our scheme, certificateless structure can avoid key escrow and malicious KGC. The lattice structure ensures that our scheme is secure in the post-quantum era. The bimodal Gaussian distribution is used to improve the security and the efficiency. Compared with the previous schemes, our scheme has smaller storage space (no key escrow), can avoid malicious KGC, is more secure in the post-quantum era, and has higher signature efficiency. At the same time, our scheme is more suitable for network coding. Finally, under random oracle model, we proved that our scheme is weakly context hiding and existentially unforgeable against adaptive chosen message attacks against external attackers and the internal KGC.