Paper 2024/582

Improved Alternating Moduli PRFs and Post-Quantum Signatures

Navid Alamati, Visa Research
Guru-Vamsi Policharla, University of California, Berkeley
Srinivasan Raghuraman, Visa Research and MIT
Peter Rindal, Visa Research
Abstract

We revisit the alternating moduli paradigm for constructing symmetric key primitives with a focus on constructing highly efficient protocols to evaluate them using secure multi-party computation (MPC). The alternating moduli paradigm of Boneh et al. (TCC 2018) enables the construction of various symmetric key primitives with the common characteristic that the inputs are multiplied by two linear maps over different moduli, first over $\mathbb{F}_2$ and then over $\mathbb{F}_3$. Our first contribution focuses on efficient two-party evaluation of alternating moduli PRFs, effectively building an oblivious pseudorandom function. We present a generalization of the PRF proposed by Boneh et al. (TCC 2018) along with methods to lower the communication and computation. We then provide several variants of our protocols, with different computation and communication tradeoffs, for evaluating the PRF. Most are in the OT/VOLE hybrid model, while one is based on specialized garbling. Our most efficient protocol is about $3\times$ faster and requires $1.3\times$ less communication. Our next contribution is the efficient evaluation of the OWF $f(x)=B\cdot_3 (A\cdot_2 x)$ proposed by Dinur et al. (CRYPTO 2021), where $A \in \mathbb{F}^{m\times n}_2$, $B\in\mathbb{F}^{t\times m}_3$ and $\cdot_p$ is multiplication mod $p$. This surprisingly simple OWF can be evaluated within MPC by secret sharing $[\![x]\!]$ over $\mathbb{F}_2$, locally computing $[\![v]\!]=A\cdot_2 [\![x]\!]$, performing a modulus switching protocol to obtain $\mathbb{F}_3$ shares, and then locally computing the output shares $[\![y]\!]=B\cdot_3 [\![v]\!]$. We design a bespoke MPC-in-the-Head (MPCitH) signature scheme that evaluates this OWF, achieving state-of-the-art performance. The resulting signature has a size ranging from 4.0 to 5.5 KB, a $2\text{-}3\times$ reduction compared to Dinur et al.
To the best of our knowledge, this is only $\approx 5\%$ larger than the smallest signature based on symmetric key primitives, including the latest NIST PQC competition submissions. We additionally show that our core techniques can be extended to build very small post-quantum ring signatures for small- to medium-sized rings that are competitive with state-of-the-art lattice-based schemes. Our techniques are in fact more generally applicable to set membership in MPCitH.
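The following is an added worked example, not code from the paper or its authors. It implements the OWF $f(x)=B\cdot_3 (A\cdot_2 x)$ in the clear and then evaluates it on two-party additive secret shares exactly in the order the abstract describes: share $x$ over $\mathbb{F}_2$, apply $A$ locally, switch the shares to $\mathbb{F}_3$, apply $B$ locally. The modulus switch shown is the textbook daBit conversion (a random bit $r$ pre-shared over both fields, open $c = v \oplus r$, then $[\![v]\!]_3 = c + (1-2c)[\![r]\!]_3$); it is used here only to make the share conversion concrete and is not the paper's OT/VOLE-based protocol. The daBits come from a simulated trusted dealer, and the matrices `A_EX`, `B_EX` and input `X_EX` are small constructed values chosen for illustration.

```python
import secrets

# Constructed toy parameters: n = 4 input bits, m = 5, t = 3 output trits.
A_EX = [[1, 1, 0, 0],
        [0, 1, 1, 0],
        [0, 0, 1, 1],
        [1, 0, 0, 1],
        [1, 1, 1, 1]]            # A in F_2^{m x n}
B_EX = [[1, 2, 0, 1, 1],
        [2, 1, 1, 0, 2],
        [0, 1, 2, 2, 1]]         # B in F_3^{t x m}
X_EX = [1, 0, 1, 1]              # x in F_2^n


def matvec_mod(M, x, p):
    """Row-major matrix M times column vector x, entries reduced mod p."""
    return [sum(mi * xi for mi, xi in zip(row, x)) % p for row in M]


def owf(A, B, x):
    """Plaintext evaluation of f(x) = B ._3 (A ._2 x)."""
    v = matvec_mod(A, x, 2)      # multiply over F_2
    return matvec_mod(B, v, 3)   # then over F_3


def share(x, p):
    """Additive 2-party sharing of vector x over F_p: x = s0 + s1 (mod p)."""
    s0 = [secrets.randbelow(p) for _ in x]
    s1 = [(xi - si) % p for xi, si in zip(x, s0)]
    return s0, s1


def reconstruct(s0, s1, p):
    """Recombine two additive shares over F_p."""
    return [(a + b) % p for a, b in zip(s0, s1)]


def dabits(m):
    """Preprocessing: m random bits r, each shared over F_2 and over F_3.
    Produced here by a simulated trusted dealer (an assumption of this example);
    a real deployment would generate them with a dedicated MPC protocol."""
    r = [secrets.randbelow(2) for _ in range(m)]
    return share(r, 2), share(r, 3)


def mod_switch(v2_0, v2_1, r2, r3):
    """Convert F_2 shares of a bit vector v into F_3 shares using daBits.
    Parties open c = v xor r (the only communication: one round, m bits).
    c is uniform because r is, so it leaks nothing about v.  Since
    v = c xor r = c + r - 2cr, each party sets [v]_3 = c*(party 0 only) + (1-2c)*[r]_3."""
    m = len(v2_0)
    c_0 = [(v2_0[i] + r2[0][i]) % 2 for i in range(m)]   # party 0's share of c
    c_1 = [(v2_1[i] + r2[1][i]) % 2 for i in range(m)]   # party 1's share of c
    c = reconstruct(c_0, c_1, 2)                          # opened publicly
    v3_0 = [(c[i] + (1 - 2 * c[i]) * r3[0][i]) % 3 for i in range(m)]
    v3_1 = [((1 - 2 * c[i]) * r3[1][i]) % 3 for i in range(m)]
    return v3_0, v3_1


def mpc_owf(A, B, x):
    """Two-party evaluation of f on secret-shared x; returns the reconstructed output.
    Only mod_switch involves interaction; the two matrix products are local."""
    m = len(A)
    x0, x1 = share(x, 2)                       # [[x]] over F_2
    v0, v1 = matvec_mod(A, x0, 2), matvec_mod(A, x1, 2)   # [[v]] = A ._2 [[x]], local
    r2, r3 = dabits(m)                         # preprocessed daBits
    w0, w1 = mod_switch(v0, v1, r2, r3)        # [[v]] now over F_3
    y0, y1 = matvec_mod(B, w0, 3), matvec_mod(B, w1, 3)   # [[y]] = B ._3 [[v]], local
    return reconstruct(y0, y1, 3)


if __name__ == "__main__":
    print("plain:", owf(A_EX, B_EX, X_EX))
    print("mpc:  ", mpc_owf(A_EX, B_EX, X_EX))
```

The linear steps commute with additive sharing, which is why both matrix products are local; the entire cost of the MPC evaluation is concentrated in the one $\mathbb{F}_2\to\mathbb{F}_3$ conversion of $m$ bits, which is the step the paper optimizes.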

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Preprint.
Keywords
MPC friendly, PRF, PQC, Signature, Ring Signature
Contact author(s)
guruvamsi policharla @ gmail com
peterrindal @ gmail com
History
2024-04-17: revised
2024-04-16: received
Short URL
https://ia.cr/2024/582
License
Creative Commons Attribution-NonCommercial
CC BY-NC

BibTeX

@misc{cryptoeprint:2024/582,
      author = {Navid Alamati and Guru-Vamsi Policharla and Srinivasan Raghuraman and Peter Rindal},
      title = {Improved Alternating Moduli PRFs and Post-Quantum Signatures},
      howpublished = {Cryptology ePrint Archive, Paper 2024/582},
      year = {2024},
      note = {\url{https://eprint.iacr.org/2024/582}},
      url = {https://eprint.iacr.org/2024/582}
}