Generic construction of threshold ring signatures and lattice-based instantiations
Hao Lin (TU Delft - Cyber Security, Naval University of Engineering)
Mingqiang Wang (Shandong University)
Weiqiang Wen (ENSTA Paris Institut Polytechnique de Paris)
Shi Feng Sun (Shanghai Jiao Tong University)
Kaitai Liang (TU Delft - Cyber Security)
More Info
expand_more
Other than for strictly personal use, it is not permitted to download, forward or distribute the text or part of it, without the consent of the author(s) and/or copyright holder(s), unless the work is under an open content license such as Creative Commons.
Abstract
A t-out-of-n threshold ring signature allows t parties to jointly sign a message on behalf of n parties without revealing the identities of the signers. In this paper, we introduce a new generic construction for threshold ring signature, called GC-TRS, which can be built on top of a selection on identification schemes, commitment schemes, and a new primitive called t-out-of-n proof protocol which is a special type of zero-knowledge proof. In general, our design enables a group of t signers to first generate an aggregated signature by interacting with each other; then they are able to compute a t-out-of-n proof to convince the verifier that the aggregated signature is indeed produced by t individuals among a particular set. The signature is succinct, as it contains only one aggregated signature and one proof in the final signature. We define all the properties required for the building blocks to capture the security of the GC-TRS and provide a detailed security proof. Furthermore, we propose two lattice-based instantiations for the GC-TRS, named LTRS and CTRS, respectively. Notably, the CTRS scheme is the first scheme that has a logarithmic signature size relative to the ring size. Additionally, during the instantiation process, we construct two t-out-of-n proof protocols, which may be of independent interest.
Files
File under embargo until 29-12-2025