For　group　signature　(GS)　supporting　membership　revocation,　verifier-local　revocation　(VLR)　mechanism　seems　to　be　a　more　flexible　choice,　because　it　requires　only　that　verifiers　download　up-to-date　revocation　information　for　signature　verification,　and　the　signers　are　not　involved.　As　a　post-quantum　secure　cryptographic　counterpart　of　classical　number-theoretic　cryptographic　constructions,　the　first　lattice-based　VLR　group　signature　(VLR-GS)　was　introduced　by　Langlois　et　al.　(2014).　However,　none　of　the　contemporary　lattice-based　VLR-GS　schemes　provide　backward　unlinkability　(BU),　which　is　an　important　property　to　ensure　that　previously　issued　signatures　remain　anonymous　and　unlinkable　even　after　the　corresponding　signer　(i.e.,　member)　is　revoked.　In　this　study,　we　introduce　the　first　lattice-based　VLR-GS　scheme　with　BU　security　(VLR-GS-BU),　and　thus　resolve　a　prominent　open　problem　posed　by　previous　works.　Our　new　scheme　enjoys　an　O(logN)　factor　saving　for　bit-sizes　of　the　group　public-key　(GPK)　and　the　member’s　signing　secret-key,　and　it　is　free　of　any　public-key　encryption.　In　the　random　oracle　model,　our　scheme　is　proven　secure　under　two　well-known　hardness　assumptions　of　the　short　integer　solution　(SIS)　problem　and　learning　with　errors　(LWE)　problem.　©　2022,　Zhejiang　University　Press.