For　lattice-based　group　signatures　(GS)　with　verifier-local　revocation　(VLR),　it　only　requires　the　verifiers　to　possess　up-to-date　group　information　(i.e.,　a　revocation　list,　RL,　consists　of　a　series　of　revocation　tokens　for　revoked　members),　but　not　the　signers.　The　first　such　scheme　was　introduced　by　Langlois　et　al.　in　2014,　and　subsequently,　a　full　and　corrected　version　(to　fix　a　flaw　in　the　original　revocation　mechanism)　was　proposed　by　Ling　et　al.　in　2018.　However,　both　constructions　are　within　the　structure　of　a　Bonsai　Tree,　and　thus　features　bit-sizes　of　the　group　public-key　and　the　member　secret-key　proportional　to　log　N,　where　N　is　the　maximum　number　of　group　members.　On　the　other　hand,　the　tracing　algorithm　for　both　schemes　runs　in　a　linear　time　in　N　(i.e.,　one　by　one,　until　the　real　signer　is　traced).　Therefore　for　a　large　group,　the　tracing　algorithm　of　conventional　GS-VLR　is　not　convenient　and　both　lattice-based　constructions　are　not　that　efficient.　In　this　work,　we　propose　a　much　more　efficient　lattice-based　GS-VLR,　which　is　efficient　by　saving　the　O(log　N)　factor　for　both　bit-sizes　of　the　group　public-key　and　the　member　secret-key.　Moreover,　we　achieve　this　result　in　a　relatively　simple　manner.　Starting　with　Nguyen　et　al.’s　efficient　and　compact　identity-encoding　technique　in　2015　-　which　only　needs　a　constant　number　of　matrices　to　encode　the　member’s　identity,　we　develop　an　improved　identity-encoding　function,　and　introduce　an　efficient　Stern-type　statistical　zero-knowledge　argument　of　knowledge　(ZKAoK)　protocol　corresponding　to　our　improved　identity-encoding　function,　which　may　be　of　independent　cryptographic　interest.　Furthermore,　we　demonstrate　how　to　equip　the　obtained　lattice-based　GS-VLR　with　explicit　traceability　(ET)　in　some　simple　way.　This　attractive　functionality,　only　satisfied　in　the　non-VLR　constructions,　can　enable　the　tracing　authority　in　lattice-based　GS-VLR　to　determine　the　signer’s　real　identity　in　a　constant　time,　independent　of　N.　In　the　whole　process,　we　show　that　the　proposed　scheme　is　proven　secure　in　the　random　oracle　model　(ROM)　based　on　the　hardness　of　the　Short　Integer　Solution　(SIS)　problem,　and　the　Learning　With　Errors　(LWE)　problem.　©　2019,　Springer　Nature　Switzerland　AG.