{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,7]],"date-time":"2026-01-07T13:44:32Z","timestamp":1767793472427,"version":"3.49.0"},"reference-count":38,"publisher":"Springer Science and Business Media LLC","issue":"1","license":[{"start":{"date-parts":[[2026,1,7]],"date-time":"2026-01-07T00:00:00Z","timestamp":1767744000000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"},{"start":{"date-parts":[[2026,1,7]],"date-time":"2026-01-07T00:00:00Z","timestamp":1767744000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Cybersecurity"],"abstract":"Abstract<\/jats:title>\n Verifiably encrypted signature (VES) schemes are extensively utilized in fair exchange which combine the features of encryption and signature, aiming to provide a solution that can not only verify the validity of signatures but also safeguard the privacy of signatures. With the development of quantum algorithms and quantum computing, it is necessary to construct a VES protocol that can resist attack of quantum computing. At the same time, some new security properties can also be added to the VES protocol to enhance its security. To reach this goal, we propose a state-of-the-art lattice-based verifiably encrypted group signature (VEGS) scheme. In the random oracle model, the VEGS scheme is provably secure under the assumptions of learning with error (LWE) and inhomogeneous small integer solution (ISIS). Our scheme provides five security properties, namely unforgeability, opacity, extractability, anonymity and traceability. The three properties unforgeability, opacity and extractability are the properties that the VES protocol needs to meet, and the anonymity and traceability properties are additional security properties brought by combining with the group signature.<\/jats:p>","DOI":"10.1186\/s42400-025-00526-7","type":"journal-article","created":{"date-parts":[[2026,1,7]],"date-time":"2026-01-07T10:25:19Z","timestamp":1767781519000},"update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Lattice-based verifiably encrypted group signatures"],"prefix":"10.1186","volume":"9","author":[{"given":"Peidong","family":"Guan","sequence":"first","affiliation":[]},{"given":"Shuai","family":"Wang","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2026,1,7]]},"reference":[{"key":"526_CR1","doi-asserted-by":"crossref","unstructured":"Abadi M, Glew N (2002) Certified email with a light on-line trusted third party: design and implementation. In: Proceedings of the Eleventh International World Wide Web Conference, pp. 387\u2013395. ACM","DOI":"10.1145\/511446.511497"},{"key":"526_CR2","doi-asserted-by":"crossref","unstructured":"Ajtai M (1996) Generating hard instances of lattice problems (extended abstract). In: Miller, G.L. (ed.) Proceedings of the Twenty-Eighth Annual ACM Symposium on the Theory of Computing (STOC), pp. 99\u2013108. ACM","DOI":"10.1145\/237814.237838"},{"issue":"3","key":"526_CR3","doi-asserted-by":"publisher","first-page":"169","DOI":"10.1515\/jmc-2015-0016","volume":"9","author":"MR Albrecht","year":"2015","unstructured":"Albrecht MR, Player R, Scott S (2015) On the concrete hardness of learning with errors. J Math Cryptol 9(3):169\u2013203","journal-title":"J Math Cryptol"},{"key":"526_CR4","doi-asserted-by":"publisher","first-page":"591","DOI":"10.1007\/BFb0054156","volume":"1403","author":"N Asokan","year":"1998","unstructured":"Asokan N, Shoup V, Waidner M (1998) Optimistic fair exchange of digital signatures (extended abstract). Advances in Cryptology - EUROCRYPT \u201998. Lect Notes Comput Sci 1403:591\u2013606","journal-title":"Lect Notes Comput Sci"},{"key":"526_CR5","unstructured":"Bao F, Deng RH, Mao W (1998) Efficient and practical fair exchange protocols with off-line TTP. In: IEEE Symposium on Security and Privacy, pp. 77\u201385. IEEE Computer Society"},{"key":"526_CR6","doi-asserted-by":"crossref","unstructured":"Bellare M, Micciancio D, Warinschi B (2003)Foundations of group signatures: Formal definitions, simplified requirements, and a construction based on general assumptions. In: Advances in Cryptology - EUROCRYPT 2003. Lecture Notes in Computer Science, vol. 2656, pp. 614\u2013629. Springer","DOI":"10.1007\/3-540-39200-9_38"},{"key":"526_CR7","doi-asserted-by":"crossref","unstructured":"Boneh D, Gentry C, Lynn B, Shacham H (2003)Aggregate and verifiably encrypted signatures from bilinear maps. In: Advances in Cryptology - EUROCRYPT 2003. Lecture Notes in Computer Science, vol. 2656, pp. 416\u2013432","DOI":"10.1007\/3-540-39200-9_26"},{"key":"526_CR8","doi-asserted-by":"crossref","unstructured":"Canetti R (2001) Universally composable security: A new paradigm for cryptographic protocols. In: 42nd Annual Symposium on Foundations of Computer Science, FOCS 2001, pp. 136\u2013145. IEEE Computer Society","DOI":"10.1109\/SFCS.2001.959888"},{"key":"526_CR9","doi-asserted-by":"crossref","unstructured":"Cash D, Hofheinz D, Kiltz E, Peikert C (2010)Bonsai trees, or how to delegate a lattice basis. In: Advances in Cryptology - EUROCRYPT 2010. Lecture Notes in Computer Science, vol. 6110, pp. 523\u2013552. Springer","DOI":"10.1007\/978-3-642-13190-5_27"},{"key":"526_CR10","doi-asserted-by":"crossref","unstructured":"Chaum D, Heyst E (1991) Group signatures. In: Advances in Cryptology - EUROCRYPT \u201991. Lecture Notes in Computer Science, vol. 547, pp. 257\u2013265. Springer","DOI":"10.1007\/3-540-46416-6_22"},{"key":"526_CR11","doi-asserted-by":"crossref","unstructured":"Cramer R, Damg\u00e5rd I, Schoenmakers B (1994)Proofs of partial knowledge and simplified design of witness hiding protocols. In: Advances in Cryptology - CRYPTO \u201994, vol. 839, pp. 174\u2013187. Springer","DOI":"10.1007\/3-540-48658-5_19"},{"key":"526_CR12","doi-asserted-by":"crossref","unstructured":"Feige U, Shamir A (1990) Witness indistinguishable and witness hiding protocols. In: Proceedings of the 22nd Annual ACM Symposium on Theory of Computing, pp. 416\u2013426. ACM","DOI":"10.1145\/100216.100272"},{"key":"526_CR13","doi-asserted-by":"crossref","unstructured":"Fiat A, Shamir A (1986) How to prove yourself: Practical solutions to identification and signature problems. In: Advances in Cryptology - CRYPTO \u201986. Lecture Notes in Computer Science, vol. 263, pp. 186\u2013194. Springer","DOI":"10.1007\/3-540-47721-7_12"},{"key":"526_CR14","doi-asserted-by":"crossref","unstructured":"Garay JA, MacKenzie PD (1999) Abuse-free multi-party contract signing. In: Distributed Computing, 13th International Symposium. Lecture Notes in Computer Science, vol. 1693, pp. 151\u2013165. Springer","DOI":"10.1007\/3-540-48169-9_11"},{"key":"526_CR15","doi-asserted-by":"crossref","unstructured":"Gentry C, Peikert C, Vaikuntanathan V (2008)Trapdoors for hard lattices and new cryptographic constructions. In: Dwork, C. (ed.) Proceedings of the 40th Annual ACM Symposium on Theory of Computing (STOC), pp. 197\u2013206. ACM","DOI":"10.1145\/1374376.1374407"},{"key":"526_CR16","doi-asserted-by":"crossref","unstructured":"Gordon SD, Katz J, Vaikuntanathan VA (2010)group signature scheme from lattice assumptions. In: Advances in Cryptology - ASIACRYPT 2010. Lecture Notes in Computer Science, vol. 6477, pp. 395\u2013412. Springer","DOI":"10.1007\/978-3-642-17373-8_23"},{"issue":"4","key":"526_CR17","doi-asserted-by":"publisher","first-page":"305","DOI":"10.1007\/s10207-014-0226-0","volume":"13","author":"KS Kim","year":"2014","unstructured":"Kim KS, Jeong IR (2014) Efficient verifiably encrypted signatures from lattices. Int J Inf Sec 13(4):305\u2013314","journal-title":"Int J Inf Sec"},{"key":"526_CR18","doi-asserted-by":"crossref","unstructured":"Langlois A, Ling S, Nguyen K, Wang H (2014) Lattice-based group signature scheme with verifier-local revocation. In: Public-Key Cryptography - PKC 2014. Lecture Notes in Computer Science, vol. 8383, pp. 345\u2013361. Springer","DOI":"10.1007\/978-3-642-54631-0_20"},{"key":"526_CR19","doi-asserted-by":"crossref","unstructured":"Libert B, Ling S, Mouhartem F, Nguyen K, Wang H (2016) Signature schemes with efficient protocols and dynamic group signatures from lattice assumptions. In: Advances in Cryptology - ASIACRYPT 2016. Lecture Notes in Computer Science, vol. 10032, pp. 373\u2013403","DOI":"10.1007\/978-3-662-53890-6_13"},{"key":"526_CR20","doi-asserted-by":"crossref","unstructured":"Ling S, Nguyen K, Wang H (2015) Group signatures from lattices: Simpler, tighter, shorter, ring-based. In: Public-Key Cryptography - PKC 2015. Lecture Notes in Computer Science, vol. 9020, pp. 427\u2013449. Springer","DOI":"10.1007\/978-3-662-46447-2_19"},{"key":"526_CR21","doi-asserted-by":"crossref","unstructured":"Li C, Tian H, Zhang F (2023) TVES: threshold verifiably encrypted signature and its applications. In: Information Security and Cryptology - 19th International Conference, Inscrypt 2023. Lecture Notes in Computer Science, vol. 14526, pp. 3\u201322. Springer","DOI":"10.1007\/978-981-97-0942-7_1"},{"key":"526_CR22","doi-asserted-by":"crossref","unstructured":"Liu P (2019) A standard model secure verifiably encrypted signature scheme based on dual system. In: Cyberspace Safety and Security - 11th International Symposium, CSS 2019. Lecture Notes in Computer Science, vol. 11983, pp. 242\u2013252. Springer","DOI":"10.1007\/978-3-030-37352-8_21"},{"issue":"2","key":"526_CR23","doi-asserted-by":"publisher","first-page":"340","DOI":"10.1007\/s00145-012-9126-5","volume":"26","author":"S Lu","year":"2013","unstructured":"Lu S, Ostrovsky R, Sahai A, Shacham H, Waters B (2013) Sequential aggregate signatures, multisignatures, and verifiably encrypted signatures without random oracles. J Cryptol 26(2):340\u2013373","journal-title":"J Cryptol"},{"issue":"1","key":"526_CR24","doi-asserted-by":"publisher","first-page":"267","DOI":"10.1137\/S0097539705447360","volume":"37","author":"D Micciancio","year":"2007","unstructured":"Micciancio D, Regev O (2007) Worst-case to average-case reductions based on gaussian measures. SIAM J Comput 37(1):267\u2013302","journal-title":"SIAM J Comput"},{"key":"526_CR25","doi-asserted-by":"crossref","unstructured":"Micciancio D, Vadhan SP (2003) Statistical zero-knowledge proofs with efficient provers: Lattice problems and more. In: Advances in Cryptology - CRYPTO 2003. Lecture Notes in Computer Science, vol. 2729, pp. 282\u2013298. Springer","DOI":"10.1007\/978-3-540-45146-4_17"},{"key":"526_CR26","doi-asserted-by":"crossref","unstructured":"Nishimaki R, Xagawa K (2013) Verifiably encrypted signatures with short keys based on the decisional linear problem and obfuscation for encrypted VES. In: Public-Key Cryptography - PKC 2013. Lecture Notes in Computer Science, vol. 7778, pp. 405\u2013422. Springer","DOI":"10.1007\/978-3-642-36362-7_25"},{"issue":"6","key":"526_CR27","doi-asserted-by":"publisher","first-page":"34","DOI":"10.1145\/1568318.1568324","volume":"56","author":"O Regev","year":"2009","unstructured":"Regev O (2009) On lattices, learning with errors, random linear codes, and cryptography. J ACM 56(6):34\u201313440","journal-title":"J ACM"},{"key":"526_CR28","doi-asserted-by":"crossref","unstructured":"R\u00fcckert M, Schr\u00f6der D (2009) Security of verifiably encrypted signatures and a construction without random oracles. In: Pairing-Based Cryptography - Pairing 2009. Lecture Notes in Computer Science, vol. 5671, pp. 17\u201334. Springer","DOI":"10.1007\/978-3-642-03298-1_2"},{"issue":"2","key":"526_CR29","doi-asserted-by":"publisher","first-page":"276","DOI":"10.1002\/ett.2607","volume":"26","author":"Z Shao","year":"2015","unstructured":"Shao Z, Gao Y (2015) Certificate-based verifiably encrypted RSA signatures. Trans Emerg Telecommun Technol 26(2):276\u2013289","journal-title":"Trans Emerg Telecommun Technol"},{"issue":"18","key":"526_CR30","doi-asserted-by":"publisher","first-page":"5996","DOI":"10.1002\/sec.1751","volume":"9","author":"Z Shao","year":"2016","unstructured":"Shao Z, Gao Y (2016) Practical verifiably encrypted signatures based on discrete logarithms. Secur Commun Networks 9(18):5996\u20136003","journal-title":"Secur Commun Networks"},{"key":"526_CR31","doi-asserted-by":"crossref","unstructured":"Shor PW (1994) Algorithms for quantum computation: Discrete logarithms and factoring. In: 35th Annual Symposium on Foundations of Computer Science, pp. 124\u2013134. IEEE Computer Society","DOI":"10.1109\/SFCS.1994.365700"},{"key":"526_CR32","doi-asserted-by":"publisher","first-page":"147481","DOI":"10.1109\/ACCESS.2019.2946272","volume":"7","author":"F Wang","year":"2019","unstructured":"Wang F, Shi S (2019) Lattice-based encrypted verifiably encryption signature scheme for the fair and private electronic commence. IEEE Access 7:147481\u2013147489","journal-title":"IEEE Access"},{"issue":"3","key":"526_CR33","doi-asserted-by":"publisher","first-page":"347","DOI":"10.1007\/s10207-017-0372-2","volume":"17","author":"Y Wang","year":"2018","unstructured":"Wang Y, Pang H, Deng RH (2018) Verifiably encrypted cascade-instantiable blank signatures to secure progressive decision management. Int J Inf Sec 17(3):347\u2013363","journal-title":"Int J Inf Sec"},{"key":"526_CR34","doi-asserted-by":"crossref","unstructured":"Wang Z, Luo X, Wu Q (2017) Verifiably encrypted group signatures. In: Provable Security - 11th International Conference, ProvSec 2017. Lecture Notes in Computer Science, vol. 10592, pp. 107\u2013126. Springer","DOI":"10.1007\/978-3-319-68637-0_7"},{"key":"526_CR35","doi-asserted-by":"crossref","unstructured":"Waters B (2005) Efficient identity-based encryption without random oracles. In: Advances in Cryptology - EUROCRYPT 2005. Lecture Notes in Computer Science, vol. 3494, pp. 114\u2013127. Springer","DOI":"10.1007\/11426639_7"},{"key":"526_CR36","doi-asserted-by":"publisher","first-page":"1573","DOI":"10.1109\/TIFS.2022.3165978","volume":"17","author":"X Yang","year":"2022","unstructured":"Yang X, Liu M, Au MH, Luo X, Ye Q (2022) Efficient verifiably encrypted ECDSA-like signatures and their applications. IEEE Trans Inf Forensics Secur 17:1573\u20131582","journal-title":"IEEE Trans Inf Forensics Secur"},{"issue":"2","key":"526_CR37","first-page":"305","volume":"54","author":"Y Zhang","year":"2017","unstructured":"Zhang Y, Hu Y (2017) A new verifiably encrypted signature scheme from lattices. J Comput Res Develop 54(2):305\u2013312","journal-title":"J Comput Res Develop"},{"key":"526_CR38","doi-asserted-by":"crossref","unstructured":"Zhang F, Safavi-Naini R, Susilo W (2003) Efficient verifiably encrypted signature and partially blind signature from bilinear pairings. In: Progress in Cryptology - INDOCRYPT 2003. Lecture Notes in Computer Science, vol. 2904, pp. 191\u2013204. Springer","DOI":"10.1007\/978-3-540-24582-7_14"}],"container-title":["Cybersecurity"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1186\/s42400-025-00526-7.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1186\/s42400-025-00526-7","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1186\/s42400-025-00526-7.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,1,7]],"date-time":"2026-01-07T10:25:24Z","timestamp":1767781524000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1186\/s42400-025-00526-7"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2026,1,7]]},"references-count":38,"journal-issue":{"issue":"1","published-online":{"date-parts":[[2026,12]]}},"alternative-id":["526"],"URL":"https:\/\/doi.org\/10.1186\/s42400-025-00526-7","relation":{},"ISSN":["2523-3246"],"issn-type":[{"value":"2523-3246","type":"electronic"}],"subject":[],"published":{"date-parts":[[2026,1,7]]},"assertion":[{"value":"13 May 2025","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"25 November 2025","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"7 January 2026","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"The authors declare that they have no competing interests.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Conflict of interest"}}],"article-number":"94"}}