Paper 2024/1459
Verifiable Oblivious Pseudorandom Functions from Lattices: Practical-ish and Thresholdisable
, University of Maryland, College ParkAbstract
We revisit the lattice-based verifiable oblivious PRF construction from PKC'21 and remove or mitigate its central three sources of inefficiency. First, applying Rényi divergence arguments, we eliminate one superpolynomial factor from the ciphertext modulus \(q\), allowing us to reduce the overall bandwidth consumed by RLWE samples by about a factor of four. This necessitates us introducing intermediate unpredictability notions to argue PRF security of the final output in the Random Oracle model. Second, we remove the reliance on the \(\mathsf{1D-SIS}\) assumption, which reduces another superpolynomial factor, albeit to a factor that is still superpolynomial. Third, by applying the state-of-the-art in zero-knowledge proofs for lattice statements, we achieve a reduction in bandwidth of several orders of magnitude for this material. Finally, we give a \(t\)-out-of-\(n\) threshold variant of the VOPRF for constant \(t\) and with trusted setup, based on a \(n\)-out-of-\(n\) distributed variant of the VOPRF (and without trusted setup).
Note: Full version following ASIACRYPT 2024 acceptance.
Metadata
- Available format(s)
-
PDF
- Category
- Cryptographic protocols
- Publication info
- A major revision of an IACR publication in ASIACRYPT 2024
- Keywords
- LatticesOblivious Pseudorandom FunctionThreshold Cryptography
- Contact author(s)
-
martin albrecht @ kcl ac uk
dgur1 @ cs umd edu - History
- 2024-09-21: approved
- 2024-09-18: received
- See all versions
- Short URL
- https://ia.cr/2024/1459
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2024/1459,
author = {Martin R. Albrecht and Kamil Doruk Gur},
title = {Verifiable Oblivious Pseudorandom Functions from Lattices: Practical-ish and Thresholdisable},
howpublished = {Cryptology {ePrint} Archive, Paper 2024/1459},
year = {2024},
url = {https://eprint.iacr.org/2024/1459}
}
