Abstract
Aiming at the challenge that traditional signature schemes struggle to simultaneously achieve efficiency, resistance to quantum attacks, and privacy protection, this paper proposes a lattice-based conditional privacy-preserving certificateless aggregate signature method (LCP-CAS). The scheme adopts an unordered aggregation algorithm to compress multiple signatures, in arbitrary order, into a single fixed-length aggregate signature, thereby achieving linear scalability in verification complexity. Its security is based on the hardness of the Ring Short Integer Solution (RSIS) problem, ensuring post-quantum resistance. By incorporating a conditional privacy-preserving mechanism, the scheme realizes device anonymity while supporting identity traceability, thus balancing privacy protection with regulatory requirements. Security analysis shows that the scheme meets the security requirements, including integrity, non-repudiation, conditional privacy preservation, and resistance to collusion attacks. Compared with existing related schemes, LCP-CAS achieves reduces aggregation and verification overhead while maintaining practicality in large-scale settings such as industrial IoT and device monitoring.