Paper 2019/1287

MatRiCT: Efficient, Scalable and Post-Quantum Blockchain Confidential Transactions Protocol

Muhammed F. Esgin, Raymond K. Zhao, Ron Steinfeld, Joseph K. Liu, and Dongxi Liu


We introduce MatRiCT, an efficient RingCT protocol for blockchain confidential transactions, whose security is based on ``post-quantum'' (module) lattice assumptions. The proof length of the protocol is around two orders of magnitude shorter than the existing post-quantum proposal, and scales efficiently to large anonymity sets, unlike the existing proposal. Further, we provide the first full implementation of a post-quantum RingCT, demonstrating the practicality of our scheme. In particular, a typical transaction can be generated in a fraction of a second and verified in about 23 ms on a standard PC. Moreover, we show how our scheme can be extended to provide auditability, where a user can select a particular authority from a set of authorities to reveal her identity. The user also has the ability to select no auditing and all these auditing options may co-exist in the same environment. The key ingredients, introduced in this work, of MatRiCT are 1) the shortest to date scalable ring signature from standard lattice assumptions with no Gaussian sampling required, 2) a novel balance zero-knowledge proof and 3) a novel extractable commitment scheme from (module) lattices. We believe these ingredients to be of independent interest for other privacy-preserving applications such as secure e-voting. Despite allowing 64-bit precision for transaction amounts, our new balance proof, and thus our protocol, does not require a range proof on a wide range (such as 32- or 64-bit ranges), which has been a major obstacle against efficient lattice-based solutions. Further, we provide new formal definitions for RingCT-like protocols, where the real-world blockchain setting is captured more closely. The definitions are applicable in a generic setting, and thus are believed to contribute to the development of future confidential transaction protocols in general (not only in the lattice setting).

Note: This is the full version of an article published in the proceedings of 2019 ACM SIGSAC Conference on Computer and Communications Security (CCS '19). The only change in the revised ePrint version is that more information about the proved relation is added to Lemma 5.5 and the lemma proof.

Available format(s)
Cryptographic protocols
Publication info
Published elsewhere. MAJOR revision.ACM CCS'19
LatticeZero-KnowledgeRingCTPost-QuantumRing SignatureGroup Signature
Contact author(s)
muhammed esgin @ monash edu
2020-05-05: revised
2019-11-07: received
See all versions
Short URL
Creative Commons Attribution


      author = {Muhammed F.  Esgin and Raymond K.  Zhao and Ron Steinfeld and Joseph K.  Liu and Dongxi Liu},
      title = {MatRiCT: Efficient, Scalable and Post-Quantum Blockchain Confidential Transactions Protocol},
      howpublished = {Cryptology ePrint Archive, Paper 2019/1287},
      year = {2019},
      doi = {10.1145/3319535.3354200},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.