Paper 2022/509

Lattice Signature with Efficient Protocols, Application to Anonymous Credentials

Corentin Jeudy, Orange Labs, Applied Crypto Group, Univ Rennes, CNRS, IRISA
Adeline Roux-Langlois, Normandie Univ, UNICAEN, ENSICAEN, CNRS, GREYC
Olivier Sanders, Orange Labs, Applied Crypto Group
Abstract

Digital signature is an essential primitive in cryptography, which can be used as the digital analogue of handwritten signatures but also as a building block for more complex systems. In the latter case, signatures with specific features are needed, so as to smoothly interact with the other components of the systems, such as zero-knowledge proofs. This has given rise to so-called signatures with efficient protocols, a versatile tool that has been used in countless applications. Designing such signatures is however quite difficult, in particular if one wishes to withstand quantum computing. We are indeed aware of only one post-quantum construction, proposed by Libert et al. at Asiacrypt'16, yielding very large signatures and proofs. In this paper, we propose a new construction that can be instantiated in both standard lattices and structured ones, resulting in each case in dramatic performance improvements. In particular, the size of a proof of message-signature possession, which is one of the main metrics for such schemes, can be brought down to less than 650 KB. As our construction retains all the features expected from signatures with efficient protocols, it can be used as a drop-in replacement in all systems using them, which mechanically improves their own performance, and has thus a direct impact on many applications. It can also be used to easily design new privacy-preserving mechanisms. As an example, we provide the first lattice-based anonymous credentials system.

Note: Revision (02/2023) : - Change of title (previous title was "Lattice-Based Signature with Efficient Protocols, Revisited") - Re-organization - Adding construction of Anonymous Credentials

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
A major revision of an IACR publication in CRYPTO 2023
Keywords
Lattice-Based CryptographySignatureEfficient ProtocolsPrivacy
Contact author(s)
corentin jeudy @ irisa fr
adeline roux-langlois @ cnrs fr
olivier sanders @ orange com
History
2023-06-13: last of 6 revisions
2022-04-28: received
See all versions
Short URL
https://ia.cr/2022/509
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2022/509,
      author = {Corentin Jeudy and Adeline Roux-Langlois and Olivier Sanders},
      title = {Lattice Signature with Efficient Protocols, Application to Anonymous Credentials},
      howpublished = {Cryptology {ePrint} Archive, Paper 2022/509},
      year = {2022},
      url = {https://eprint.iacr.org/2022/509}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.