Lattice-based (Partially) Blind Signature without Restart

We present in this paper a blind signature and its partially blind variant based on lattice assumptions. Blind signatures are a cornerstone of privacy-oriented cryptography, and we propose the first lattice-based scheme without restart. Compared to related work, the key idea of our construction is to provide a trapdoor to the signer so that he can perform some Gaussian pre-sampling during the signature generation process, which avoids restarting the whole protocol from scratch. We prove the security of our scheme under the ring k-SIS assumption, in the random oracle model. We also explain security issues in the other existing lattice-based blind signature schemes. Finally, we propose a partially blind variant of our scheme, which comes at no additional cost, as the number of elements generated and exchanged during the signing protocol is exactly the same.
