Cryptology ePrint Archive: Report 2019/569

Lattice RingCT v2.0 with Multiple Input and Output Wallets

Wilson Alberto Torres and Veronika Kuchta and Ron Steinfeld and Amin Sakzad and Joseph K. Liu and Jacob Cheng

Abstract: This paper presents the Lattice-based Ring Confidential Transactions (Lattice RingCT v2.0) protocol. Unlike the previous Lattice RingCT v1.0 (LRCT v1.0) protocol, the new protocol supports Multiple-Input and Multiple-Output (MIMO) wallets in transactions, and it is a fully functional protocol construction for cryptocurrency applications such as Hcash. Since the MIMO cryptocurrency setting introduces new balance security requirements (and in particular, security against (out-of-range) amount attacks), we give a refined balance security model to capture such attacks, as well as a refined anonymity model to capture amount privacy attacks. Our protocol extends a previously proposed ring signature scheme in the LRCT v1.0 protocol, to support the MIMO requirements while preserving the post-quantum security guarantees, and uses a lattice-based zero-knowledge range proof to achieve security against (out-of-range) attacks. Preliminary parameter estimates and signature sizes are proposed as a point of reference for future studies.

Category / Keywords: cryptographic protocols / Cryptocurrencies, Lattice-Based Cryptography, Post-Quantum Cryptography, RingCT

Date: received 26 May 2019, last revised 26 May 2019

Contact author: wil_alberto at hotmail com

Available format(s): PDF | BibTeX Citation

Version: 20190527:092753 (All versions of this report)

Short URL: ia.cr/2019/569


[ Cryptology ePrint archive ]