Paper 2020/769

Lattice-Based Blind Signatures, Revisited

Eduard Hauck, Eike Kiltz, Julian Loss, and Ngoc Khanh Nguyen


We observe that all previously known lattice-based blind signature schemes contain subtle flaws in their security proofs (e.g., Rückert, ASIACRYPT '08) or can be attacked (e.g., BLAZE by Alkadri et al., FC '20). Motivated by this, we revisit the problem of constructing blind signatures from standard lattice assumptions. We propose a new three-round lattice-based blind signature scheme whose security can be proved, in the random oracle model, from the standard SIS assumption. Our starting point is a modified version of the (insecure) BLAZE scheme, which itself is based Lyubashevsky's three-round identification scheme combined with a new aborting technique to reduce the correctness error. Our proof builds upon and extends the recent modular framework for blind signatures of Hauck, Kiltz, and Loss (EUROCRYPT '19). It also introduces several new techniques to overcome the additional challenges posed by the correctness error which is inherent to all lattice-based constructions. While our construction is mostly of theoretical interest, we believe it to be an important stepping stone for future works in this area.

Available format(s)
Public-key cryptography
Publication info
A minor revision of an IACR publication in CRYPTO 2020
Blind Signatures
Contact author(s)
lossjulian @ gmail com
eike kiltz @ rub de
eduard hauck @ rub de
NKN @ zurich ibm com
2021-01-02: last of 7 revisions
2020-06-24: received
See all versions
Short URL
Creative Commons Attribution


      author = {Eduard Hauck and Eike Kiltz and Julian Loss and Ngoc Khanh Nguyen},
      title = {Lattice-Based Blind Signatures, Revisited},
      howpublished = {Cryptology ePrint Archive, Paper 2020/769},
      year = {2020},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.