# Relaxed Lattice-Based Signatures with Short Zero-Knowledge Proofs

@article{Boschini2017RelaxedLS, title={Relaxed Lattice-Based Signatures with Short Zero-Knowledge Proofs}, author={Cecilia Boschini and Jan Camenisch and Gregory Neven}, journal={IACR Cryptol. ePrint Arch.}, year={2017}, volume={2017}, pages={1123} }

Advanced cryptographic protocols such as anonymous credentials, voting schemes, and e-cash are typically constructed by suitably combining signature, commitment, and encryption schemes with zero-knowledge proofs. Indeed, a large body of protocols have been constructed in that manner from Camenisch-Lysyanskaya signatures and generalized Schnorr proofs. In this paper, we build a similar framework for lattice-based schemes by presenting a signature and commitment scheme that are compatible with…

## 10 Citations

### Lattice-Based Group Signatures and Zero-Knowledge Proofs of Automorphism Stability

- Mathematics, Computer Science
- IACR Cryptol. ePrint Arch.
- 2018

We present a group signature scheme, based on the hardness of lattice problems, whose outputs are more than an order of magnitude smaller than the currently most efficient schemes in the literature.…

### Floppy-Sized Group Signatures from Lattices

- Computer Science, Mathematics
- IACR Cryptol. ePrint Arch.
- 2018

We present the first lattice-based group signature scheme whose cryptographic artifacts are of size small enough to be usable in practice: for a group of \(2^{25}\) users, signatures take 910 kB and…

### Efficient Post-quantum SNARKs for RSIS and RLWE and Their Applications to Privacy

- Mathematics, Computer Science
- PQCrypto
- 2020

A lattice-based group signature that protects users against corrupted issuers, and that produces signatures smaller than the state of the art, with signature sizes of less than 300 KB for the comparably secure version of the scheme.

### Share & Shrink: Ad-Hoc Threshold FHE with Short Ciphertexts and its Application to Almost-Asynchronous MPC

- Computer Science, Mathematics
- IACR Cryptol. ePrint Arch.
- 2022

The impossibility of 1-Broadcast-then-Asynchronous MPC for N ≤ 3t − 4 is proved, showing tightness of the 2 broadcasts of this new approach with short threshold fully homomorphic (FHE) ciphertexts, which impacts the computational complexity.

### Lattice Based Verifiably Encrypted Double Authentication Preventing Signatures

- Computer Science, Mathematics
- NSS
- 2019

Security analysis shows that the proposed VEDAPS based on Ring-SIS problem and Ring-LWE problem satisfies security properties including completeness, opacity, unforgeability and punishability in the random oracle model.

### Efficient Lattice-Based Zero-Knowledge Arguments with Standard Soundness: Construction and Applications

- Mathematics, Computer Science
- IACR Cryptol. ePrint Arch.
- 2019

We provide new zero-knowledge argument of knowledge systems that work directly for a wide class of languages, namely, ones involving the satisfiability of matrix-vector relations and integer relations…

### Post-Quantum Era Privacy Protection for Intelligent Infrastructures

- Computer Science
- IEEE Access
- 2021

An up-to-date privacy method mapping and relevant use cases are surveyed for II services, focusing on post-quantum cryptography techniques that may (or must when quantum computers become a reality) be used in the future through concrete products, pilots, and projects.

### Real-world Deployment of Privacy-Enhancing Authentication System using Attribute-based Credentials

- Computer Science
- ARES
- 2022

This paper provides comprehensive analyses of the readiness, maturity, and applicability of ABCs to real-world applications and introduces the Privacy-Enhancing Authentication System (PEAS), which meets all privacy requirements such as anonymity and unlinkability of the user’s activities.

### Efficient lattice-based zero-knowledge proofs and applications. (Preuves à divulgation nulle de connaissance efficaces à base de réseaux euclidiens et applications)

- Computer Science, Philosophy
- 2018

Lattice-based encryption has seen strong growth over the last twenty years, as well as a highly efficient electronic voting scheme, including for large-scale elections.

### Publicly Accountable Robust Multi-Party Computation

- Computer Science, Mathematics
- 2022 IEEE Symposium on Security and Privacy (SP)
- 2022

This work presents the first publicly verifiable and accountable, and (up to a threshold) robust SPDZ-like MPC protocol without restart, and proposes protocols for accountable and robust online, offline, and setup computations.

## References

SHOWING 1-10 OF 61 REFERENCES

### Better Zero-Knowledge Proofs for Lattice Encryption and Their Application to Group Signatures

- Computer Science, Mathematics
- ASIACRYPT
- 2014

This paper provides a more efficient way to prove knowledge of plaintexts for lattice-based encryption schemes and makes use of this to construct a new group signature scheme that is a “hybrid” in the sense that privacy holds under a lattice-based assumption while security is discrete-logarithm-based.

### Zero-Knowledge Arguments for Lattice-Based Accumulators: Logarithmic-Size Ring Signatures and Group Signatures Without Trapdoors

- Computer Science, Mathematics
- EUROCRYPT
- 2016

This paper provides an efficient method of proving statements using involved extensions of Stern's protocol to efficiently prove the membership of some element in a zero-knowledge manner, and describes new lattice-based group and ring signatures in the random oracle model.

### Lattice Signatures Without Trapdoors

- Computer Science, Mathematics
- IACR Cryptol. ePrint Arch.
- 2011

This work provides an alternative method for constructing lattice-based digital signatures which does not use the "hash-and-sign" methodology, and shows that by slightly changing the parameters, one can get even more efficient signatures that are based on the hardness of the Learning With Errors problem.

### P-signatures and Noninteractive Anonymous Credentials

- Computer Science, Mathematics
- TCC
- 2008

P-signatures enable, for the first time, the design of a practical non-interactive anonymous credential system whose security does not rely on the random oracle model and may serve as a useful building block for other privacy-preserving authentication mechanisms.

### Signature Schemes with Efficient Protocols and Dynamic Group Signatures from Lattice Assumptions

- Computer Science, Mathematics
- ASIACRYPT
- 2016

This work provides new tools enabling the design of anonymous authentication systems whereby new users can join the system at any time, and provides the first lattice-based group signature supporting dynamically growing populations of users.

### Group Signatures from Lattices: Simpler, Tighter, Shorter, Ring-Based

- Computer Science, Mathematics
- Public Key Cryptography
- 2015

A new lattice-based cryptographic tool is constructed: a statistical zero-knowledge argument of knowledge of a valid message-signature pair for Boyen's signature scheme (Boyen, PKC’10), which potentially can be used as the building block to design various privacy-enhancing cryptographic constructions.

### A Statistically-Hiding Integer Commitment Scheme Based on Groups with Hidden Order

- Mathematics, Computer Science
- ASIACRYPT
- 2002

A new definition for computationally convincing proofs of knowledge, designed to handle the case where the common input is chosen by the (possibly cheating) prover, is introduced.

### Lattice-Based Group Signatures with Logarithmic Signature Size

- Computer Science, Mathematics
- ASIACRYPT
- 2013

This paper describes the first lattice-based group signature schemes where the signature and public key sizes are essentially logarithmic in N (for any fixed security level) and proves the security of the schemes in the random oracle model under the SIS and LWE assumptions.

### Fully Anonymous Attribute Tokens from Lattices

- Computer Science, Mathematics
- SCN
- 2012

This work presents a generalization of group signatures called anonymous attribute tokens where users are issued attribute-containing credentials that they can use to anonymously sign messages and generate tokens revealing only a subset of their attributes.

### Fiat-Shamir with Aborts: Applications to Lattice and Factoring-Based Signatures

- Computer Science, Mathematics
- ASIACRYPT
- 2009

This work demonstrates how the framework that is used for creating efficient number-theoretic ID and signature schemes can be transferred into the setting of lattices and is able to shorten the length of the signatures that are produced by Girault's factoring-based digital signature scheme.