We present a constant-size signature scheme under the CDH assumption. It has a tighter security reduction than any other constant-size signature scheme with a security reduction to solving some intractable search problems. Hofheinz, Jager, and Knapp (PKC 2012) presented a constant-size signature scheme under the CDH assumption with a reduction loss of O(q), where q is the number of signing queries. They also proved that the reduction loss of O(q) is optimal in a black-box security proof. To the best of our knowledge, no constant-size signature scheme has been proposed with a tighter reduction (to the hardness of a search problem) than that proposed by Hofheinz et al., even if it is not re-randomizable. We remark that our scheme is not re-randomizable. We achieve the reduction loss of O(q/d), where d is the number of group elements in a public key.

In this study, we propose a secure data-providing system by using a verifiable attribute-based keyword search (VABKS), which also has the functions of privacy preservation and feedback to providers with IP anonymous server. We give both theoretic and experimental result, which show that our proposed system is a secure system with real-time property. One potential application of the system is to Integrated Broadcast-Broadband (IBB) services, which acquire information related to broadcast programs via broadband networks. One such service is a recommendation service that delivers recommendations matching user preferences (such as to TV programs) determined from the user's viewing history. We have developed a real-time system outsourcing data to the cloud and performing keyword searches on it by dividing the search process into two stages and performing heavy processing on the cloud side.

We propose a short signature scheme under the ring-SIS assumption in the standard model. Specifically, by revisiting an existing construction [Ducas and Micciancio, CRYPTO 2014], we demonstrate lattice-based signatures with improved reduction loss. As far as we know, there are no ways to use multiple tags in the signature simulation of security proof in the lattice tag-based signatures. We address the tag-collision possibility in the lattice setting, which improves reduction loss. Our scheme generates tags from messages by constructing a scheme under a mild security condition that is existentially unforgeable against random message attack with auxiliary information. Thus our scheme can reduce the signature size since it does not need to send tags with the signatures. Our scheme has short signature sizes of O(1) and achieves tighter reduction loss than that of Ducas et al.'s scheme. Our proposed scheme has two variants. Our scheme with one property has tighter reduction and the same verification key size of O(log n) as that of Ducas et al.'s scheme, where n is the security parameter. Our scheme with the other property achieves much tighter reduction loss of O(Q/n) and verification key size of O(n), where Q is the number of signing queries.