Lattice-Based Certificateless Proxy Re-Signature for IoT: A Computation-and-Storage Optimized Post-Quantum Scheme

Proxy re-signature enables transitive authentication of digital identities across different domains and has significant application value in areas such as digital rights management, cross-domain certificate validation, and distributed system access control. However, most existing proxy re-signature schemes, which are predominantly based on traditional public-key cryptosystems, face security vulnerabilities and certificate management bottlenecks. While identity-based schemes alleviate some issues, they introduce key escrow concerns. Certificateless schemes effectively resolve both certificate management and key escrow problems but remain vulnerable to quantum computing threats. To address these limitations, this paper constructs an efficient post-quantum certificateless proxy re-signature scheme based on algebraic lattices. Building upon algebraic lattice theory and leveraging the Dilithium algorithm, our scheme innovatively employs a lattice basis reduction-assisted parameter selection strategy to mitigate the potential algebraic attack vectors inherent in the NTRU lattice structure. This ensures the security and integrity of multi-party communication in quantum-threat environments. Furthermore, the scheme significantly reduces computational overhead and optimizes signature storage complexity through structured compression techniques, facilitating deployment on resource-constrained devices like Internet of Things (IoT) terminals. We formally prove the unforgeability of the scheme under the adaptive chosen-message attack model, with its security reducible to the hardness of the corresponding underlying lattice problems.