Paper 2022/1307

BLOOM: Bimodal Lattice One-Out-of-Many Proofs and Applications

Vadim Lyubashevsky, IBM Research - Zurich
Ngoc Khanh Nguyen, École Polytechnique Fédérale de Lausanne
Abstract

We give a construction of an efficient one-out-of-many proof system, in which a prover shows that he knows the pre-image for one element in a set, based on the hardness of lattice problems. The construction employs the recent zero-knowledge framework of Lyubashevsky et al. (Crypto 2022) together with an improved, over prior lattice-based one-out-of-many proofs, recursive procedure, and a novel rejection sampling proof that allows to use the efficient bimodal rejection sampling throughout the protocol. Using these new primitives and techniques, we give instantiations of the most compact lattice-based ring and group signatures schemes. The improvement in signature sizes over prior works ranges between $25\%$ and $2$X. Perhaps of even more significance, the size of the user public keys, which need to be stored somewhere publicly accessible in order for ring signatures to be meaningful, is reduced by factors ranging from $7$X to $15$X. In what could be of independent interest, we also provide noticeably improved proofs for integer relations which, together with one-out-of-many proofs are key components of confidential payment systems.

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
A major revision of an IACR publication in ASIACRYPT 2022
Keywords
lattices zero-knowledge one-out-of-many proofs ring signatures
Contact author(s)
vad @ zurich ibm com
khanh nguyen @ epfl ch
History
2022-10-03: last of 2 revisions
2022-10-01: received
See all versions
Short URL
https://ia.cr/2022/1307
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2022/1307,
      author = {Vadim Lyubashevsky and Ngoc Khanh Nguyen},
      title = {{BLOOM}: Bimodal Lattice One-Out-of-Many Proofs and Applications},
      howpublished = {Cryptology {ePrint} Archive, Paper 2022/1307},
      year = {2022},
      url = {https://eprint.iacr.org/2022/1307}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.