A efficient lattice-based forward-secure linearly homomorphic signature scheme for network coding

The capacity of a linearly homomorphic signature (LHS) to facilitate linear computations on signed data is a frequently employed feature to safeguard network coding-based applications against pollution attacks. The security of LHS wholly depends on the security of secret signing keys; once a secret key is compromised, the application system’s security will be broken. However, as relatively insecure mobile devices are increasingly used in network-coding application systems, the key exposure issue is becoming more prevalent. In order to mitigate the harm of key exposure to LHS deployed in network coding systems, we integrate forward security into LHS and use the fixed-dimension lattice basis delegation technique and the additive homomorphic hash function family to propose a forward-secure identity-based LHS scheme, which achieves post-quantum security while ensuring the validity of signatures from previous time periods even if the current secret key is compromised. The proposed scheme supports performing linearly homomorphic operations over the binary field so that the calculation of messages is a simple XOR operation. In this way, the decoding of the target node is equivalent to solving a linear system on $$ {\mathbb {F}}_2 $$ F 2 , making it very suitable for deployment in network coding systems. We then define the first security model on the forward security of LHS and prove that the proposed scheme can resist adaptively chosen identity and dataset attacks under lattice assumptions. Moreover, compared with previous related works, the performance analysis shows that our scheme enjoys a comparable computation cost, has a lower communication cost, and provides higher security and stronger functionality.