Lattice-Based Short Linkable Ring Signatures
Linkable ring signatures can prevent double-spending attacks in blockchains, and lattice-based signatures are quantum-resistant. However, the size of existing lattice-based linkable ring signatures grows with the number of ring members. To solve this problem, a short linkable ring signature scheme on lattices is proposed. The scheme uses queues to implement a special conversion of the vector number system, and uses a lattice-based accumulator to accumulate the public keys of the ring members, so that the signature size does not increase with the number of ring members. Using the rejection sampling theorem, the scheme constructs signatures based on proofs of knowledge on lattices, which prevents the signing private key from leaking and improves computational efficiency. In the random oracle model, the scheme is proved to be unforgeable, anonymous and linkable. Performance analysis and experimental evaluation show that the scheme saves time and storage overhead, and that the signature size stays constant as the number of ring members increases.
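Chang Linlin (常琳林), Zhang Ping (张平), Duan Ying (段莹), Wang Jiechang (王杰昌), Li Jie (李杰)
Computing technology; computer technology
Lattice; proof-of-knowledge signature; accumulator; short linkable ring signature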
Chang Linlin, Zhang Ping, Duan Ying, Wang Jiechang, Li Jie. Lattice-Based Short Linkable Ring Signatures [EB/OL]. (2022-05-10)[2025-08-18]. https://chinaxiv.org/abs/202205.00088.