Calamari and Falafl: Logarithmic (Linkable) Ring Signatures from Isogenies and Lattices

Beullens, Ward; Katsumata, Shuichi; Pintore, Federico

doi:10.1007/978-3-030-64834-3_16

Cited by 76 publications

(104 citation statements)

References 28 publications

Supporting

Mentioning

104

Contrasting

Order By: Relevance

“…It is indicated that this scheme has a smaller size of key and signature, and the computational efficiency of signature generation and verification has also been further increased through the comparison with other similar schemes. Finally, we implemented our scheme and other schemes [15,28,29], and it is shown that the time for signature generation and verification of this scheme decreases roughly by 44.951% and 33.503%, respectively, compared with other three existing latest LRS schemes [15,28,29]. Compared with latest lattice-based LRS schemes [28,29], the proposed scheme has the smallest public and private key size and also has the smallest signature size when N ≤ 8.…”

Section: Our Constructionmentioning

confidence: 93%

“…Finally, we implemented our scheme and other schemes [15,28,29], and it is shown that the time for signature generation and verification of this scheme decreases roughly by 44.951% and 33.503%, respectively, compared with other three existing latest LRS schemes [15,28,29]. Compared with latest lattice-based LRS schemes [28,29], the proposed scheme has the smallest public and private key size and also has the smallest signature size when N ≤ 8.…”

Section: Our Constructionmentioning

confidence: 93%

“…In Section 6, we discuss how initial parameters are selected and point at the next research directions. In Section 7, we make a detailed performance comparison with other three existing schemes [15,28,29]. Finally, we present the experimental results of this scheme and related schemes in Section 8.…”

Section: Organizationmentioning

confidence: 99%

“…at same year, Baum et al [27] produced a more efficient LRS scheme based upon the collision-resistance hash function on lattice, whose security is based on the problem of Module-LWE and Module-SIS. In 2020, Beullens et al [28] gave the logarithmic LRS from isogeny and lattice assumptions; the length of the signature has a logarithmic relationship with the number of ring members. But they generally have the disadvantages of high communication costs and lower computation performance.…”

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

Identity-Based Linkable Ring Signature on NTRU Lattice

Tang

Xia

et al. 2021

Security and Communication Networks

View full text Add to dashboard Cite

Although most existing linkable ring signature schemes on lattice can effectively resist quantum attacks, they still have the disadvantages of excessive time and storage overhead. This paper constructs an identity-based linkable ring signature (LRS) scheme over NTRU lattice by employing the technologies of trapdoor generation and rejection sampling. The security of this scheme relies on the small integer solution (SIS) problem on NTRU lattice. We prove that this scheme has unconditional anonymity, unforgeability, and linkability under the random oracle model (ROM). Through the performance analysis, this scheme has a shorter size of public/private keys, and when the number of ring members is small (such as N ≤ 8 ), this scheme has a shorter signature size compared with other existing latest lattice-based LRS schemes. The computational efficiency of signature has also been further improved since it only involves multiplication in the polynomial ring and modular operations of small integers. Finally, we implemented our scheme and other similar schemes, and it is shown that the time for the signature generation and verification of this scheme decreases roughly by 44.951% and 33.503%, respectively.

show abstract

Section: Our Constructionmentioning

confidence: 93%

Section: Our Constructionmentioning

confidence: 93%

Section: Organizationmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Identity-Based Linkable Ring Signature on NTRU Lattice

Tang

Xia

et al. 2021

Security and Communication Networks

View full text Add to dashboard Cite

show abstract

“…However, anonymity of claim issuers is not a primary subject of the standards; thus, it cannot be directly employed for our usage. One naive solution is to employ anonymous signatures such as ring signatures [40], especially linkable ring signatures [5], [13], [30], [32], [44], [45], [47], which have been widely used to add anonymity in cryptocurrencies such as Monero [35]. This solution assumes that there are token admitters who are trusted; i.e., they are recognized as entities that can issue tokens but are not allowed further responsibilities.…”

Section: Introductionmentioning

confidence: 99%

An Anonymous Trust-Marking Scheme on Blockchain Systems

et al. 2021

View full text Add to dashboard Cite

During the Coincheck incident, which recorded the largest damages in cryptocurrency history in 2018, it was demonstrated that using Mosaic token can have a certain effect. Although it seems attractive to employ tokens as countermeasures for cryptocurrency leakage, Mosaic is a specific token for the New Economy Movement (NEM) cryptocurrency and is not employed for other blockchain systems or cryptocurrencies. Moreover, although some volunteers tracked leaked NEM using Mosaic in the CoinCheck incident, it would be better to verify that the volunteers can be trusted. Simultaneously, if someone (e.g., who stole cryptocurrencies) can identify the volunteers, then that person or organization may be targets of them. In this paper, we propose an anonymous trust-marking scheme on blockchain systems that is universally applicable to any cryptocurrency. In our scheme, entities called token admitters are allowed to generate tokens adding trustworthiness or untrustworthiness to addresses. Anyone can anonymously verify whether these tokens were issued by a token admitter. Simultaneously, only the designated auditor and no one else, including nondesignated auditors, can identify the token admitters. Our scheme is based on accountable ring signatures and commitment, and is implemented on an elliptic curve called Curve25519, and we confirm that both cryptographic tools are efficient. Moreover, we also confirm that our scheme is applicable to Bitcoin, Ethereum, and NEM.

show abstract

Calamari and Falafl: Logarithmic (Linkable) Ring Signatures from Isogenies and Lattices

Beullens

Katsumata

Pintore

2020

Lecture Notes in Computer Science

104

View full text Add to dashboard Cite

We construct efficient ring signatures (RS) from isogeny and lattice assumptions. Our ring signatures are based on a logarithmic OR proof for group actions. We instantiate this group action by either the CSIDH group action or an MLWE-based group action to obtain our isogeny-based or lattice-based RS scheme, respectively. Even though the OR proof has a binary challenge space and therefore requires a number of repetitions which is linear in the security parameter, the sizes of our ring signatures are small and scale better with the ring size N than previously known post-quantum ring signatures. We also construct linkable ring signatures (LRS) that are almost as efficient as the non-linkable variants. The isogeny-based scheme produces signatures whose size is an order of magnitude smaller than all previously known logarithmic post-quantum ring signatures, but it is relatively slow (e.g. 5.5 KB signatures and 79 s signing time for rings with 8 members). In comparison, the latticebased construction is much faster, but has larger signatures (e.g. 30 KB signatures and 90 ms signing time for the same ring size). For small ring sizes our lattice-based ring signatures are slightly larger than state-ofthe-art schemes, but they are smaller for ring sizes larger than N ≈ 1024.

show abstract

Calamari and Falafl: Logarithmic (Linkable) Ring Signatures from Isogenies and Lattices

Cited by 76 publications

References 28 publications

Identity-Based Linkable Ring Signature on NTRU Lattice

Identity-Based Linkable Ring Signature on NTRU Lattice

An Anonymous Trust-Marking Scheme on Blockchain Systems

Calamari and Falafl: Logarithmic (Linkable) Ring Signatures from Isogenies and Lattices

Contact Info

Product

Resources

About