A Lattice-Based Threshold Ring Signature Scheme

@inproceedings{Cayrel2010ALT,
  title={A Lattice-Based Threshold Ring Signature Scheme},
  author={Pierre-Louis Cayrel and Richard Lindner and Markus R{\"u}ckert and Rosemberg Silva},
  booktitle={International Conference on Cryptology and Information Security in Latin America},
  year={2010}
}
In this article, we propose a new lattice-based threshold ring signature scheme, modifying Aguilar's code-based solution to use the short integer solution (SIS) problem as security assumption, instead of the syndrome decoding (SD) problem. By applying the CLRS identification scheme, we are also able to have a performance gain as result of the reduction in the soundness error to 1/2 per round. Such gain is also maintained through the application of the Fiat-Shamir heuristics to derive signatures… 

Improved Lattice-Based Threshold Ring Signature Scheme

The ring signature induced by the particular case of only one signer is described and to the best of the knowledge, the resulted signatures are the most efficient lattice-based ring signature and threshold signature.

An Improved Threshold Ring Signature Scheme Based on Error Correcting Codes

A novel threshold ring signature scheme built on the q-SD identification scheme recently proposed by Cayrel et al. is constructed, which is the first efficient implementation of this type of code-based schemes.

A multivariate based threshold ring signature scheme

This paper extends a new multivariate identification scheme, whose security is based solely on the MQ-Problem of solving systems of quadratic equations over finite fields, to a threshold ring identification and signature scheme, which is the first multivariate scheme of this type and generally one of thefirst multivariate signature schemes with special properties.

Lattice-based Threshold Signature with Message Block Sharing

An interesting tool is introduced to construct the k-out-of-N threshold signature schemes, which are a protocol that approves any subset of k members among N members to produce a valid signature, but it is impossible to generate a valid signatures in case fewer thank members are involved in the protocol.

A New Multivariate Based Threshold Ring Signature Scheme

In CRYPTO 2011, Sakumoto et al. presented a 3-pass identification protocol whose security is solely based on the MQ problem. This identification protocol was extended to a threshold ring signature

A Lattice-Based Universal Thresholdizer for Cryptographic Systems

This work shows how to add threshold functionality to CCA-secure public-key encryption (PKE), signature schemes, pseudorandom functions, and others primitives, using a general tool, called a universal thresholdizer, from which many threshold systems are possible.

RingRainbow - An Efficient Multivariate Ring Signature Scheme

This paper proposes a simple and efficient technique to extend arbitrary multivariate signature schemes to ring signature schemes and illustrates it using the example of Rainbow, providing perfect anonymity for the signer, as well as shorter ring signatures than all previously proposed post-quantum ring signatures schemes.

Anonymous Post-Quantum Cryptocash ? ( Full Version )

By adopting the short quantum-resistant linkable ring signature scheme, this system is anonymous and efficient, and the privacy of users is protected, even though their transactions are recorded in the public ledger.

Anonymous Post-Quantum Cryptocash

The privacy of users is protected, even though their transactions are recorded in the public ledger, by adopting the short quantum-resistant linkable ring signature scheme, which is anonymous and efficient.
...

References

SHOWING 1-10 OF 43 REFERENCES

A New Efficient Threshold Ring Signature Scheme Based on Coding Theory

This scheme is existentially unforgeable under a chosen message attack in the random oracle model assuming the hardness of the minimum distance problem, is unconditionally source hiding, has a very short public key and has an overall complexity in O(N).

Lattice-Based Identification Schemes Secure Under Active Attacks

This work constructs a 3-move identification scheme whose security is based on the worst-case hardness of the shortest vector problem in all lattices, and also presents a more efficient versionbased on the hardness ofthe same problem in ideal lattices.

Fiat-Shamir with Aborts: Applications to Lattice and Factoring-Based Signatures

This work demonstrates how the framework that is used for creating efficient number-theoretic ID and signature schemes can be transferred into the setting of lattices and is able to shorten the length of the signatures that are produced by Girault's factoring-based digital signature scheme.

How to Achieve a McEliece-Based Digital Signature Scheme

This paper disproves the belief that code-based cryptosystems like McEliece do not allow practical digital signatures, and shows a way to build a practical signature scheme based on coding theory.

Provably Secure Code-Based Threshold Ring Signatures

A security proof is given of the scheme whose security relies -- in both random oracle and ideal cipher models -- on two coding theory problems, making it the first provably secure code-based threshold ring signature scheme.

A New Identification Scheme Based on Syndrome Decoding

  • J. Stern
  • Computer Science, Mathematics
    CRYPTO
  • 1993
This paper proposes a new identification scheme, based on error-correcting codes, which is zero-knowledge and is of practical value, and describes several variants, including one which has an identity based character.

Improved code-based identification scheme

This work revisits the 3-pass code-based identification scheme proposed by Stern at Crypto'93, and gives a new 5-pass protocol for which the probability of the cheater is 1/2 and proposes to use quasi-cyclic construction in order to dramatically reduce the size of the public key.

Improved Zero-Knowledge Identification with Lattices

This paper adapts a code- -based identification scheme devised by Cayrel, V´eron and El Yousfi, which constitutes an improvement of Stern’s construction and offers a much milder security assumption: namely, the hardness of SIS for trinary solutions.

A Framework for Efficient Signatures, Ring Signatures and Identity Based Encryption in the Standard Model

This work shows a transformation taking a signature scheme with a very weak security guarantee and producing a fully secure signature scheme, and shows that ring trapdoor functions imply ring signatures under a weak definition, which enables the transformation to achieve full security.

Concurrently Secure Identification Schemes Based on the Worst-Case Hardness of Lattice Problems

It is shown that two variants of Stern's identification scheme are provably secure against concurrent attack under the assumptions on the worst-case hardness of lattice problems.