Paper 2019/569
Lattice RingCT v2.0 with Multiple Input and Output Wallets
Wilson Alberto Torres, Veronika Kuchta, Ron Steinfeld, Amin Sakzad, Joseph K. Liu, and Jacob Cheng
Abstract
This paper presents the Lattice-based Ring Confidential Transactions (Lattice RingCT v2.0) protocol. Unlike the previous Lattice RingCT v1.0 (LRCT v1.0) protocol, the new protocol supports Multiple-Input and Multiple-Output (MIMO) wallets in transactions, and it is a fully functional protocol construction for cryptocurrency applications such as Hcash. Since the MIMO cryptocurrency setting introduces new balance security requirements (and in particular, security against (out-of-range) amount attacks), we give a refined balance security model to capture such attacks, as well as a refined anonymity model to capture amount privacy attacks. Our protocol extends a previously proposed ring signature scheme in the LRCT v1.0 protocol, to support the MIMO requirements while preserving the post-quantum security guarantees, and uses a lattice-based zero-knowledge range proof to achieve security against (out-of-range) attacks. Preliminary parameter estimates and signature sizes are proposed as a point of reference for future studies.
Metadata
- Available format(s)
-
PDF
- Category
- Cryptographic protocols
- Publication info
- Published elsewhere. Major revision. ACISP2019
- Keywords
- CryptocurrenciesLattice-Based CryptographyPost-Quantum CryptographyRingCT
- Contact author(s)
- wil_alberto @ hotmail com
- History
- 2020-09-16: revised
- 2019-05-27: received
- See all versions
- Short URL
- https://ia.cr/2019/569
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2019/569,
author = {Wilson Alberto Torres and Veronika Kuchta and Ron Steinfeld and Amin Sakzad and Joseph K. Liu and Jacob Cheng},
title = {Lattice {RingCT} v2.0 with Multiple Input and Output Wallets},
howpublished = {Cryptology {ePrint} Archive, Paper 2019/569},
year = {2019},
url = {https://eprint.iacr.org/2019/569}
}
