Short lattice-based one-out-of-many proofs and applications to ring signatures

Research output: Chapter in Book/Report/Conference proceedingConference PaperResearchpeer-review

24 Citations (Scopus)


In this work, we construct a short one-out-of-many proof from (module) lattices, allowing one to prove knowledge of a secret associated with one of the public values in a set. The proof system builds on a combination of ideas from the efficient proposals in the discrete logarithm setting by Groth and Kohlweiss (EUROCRYPT ’15) and Bootle et al. (ESORICS ’15), can have logarithmic communication complexity in the set size and does not require a trusted setup. Our work resolves an open problem mentioned by Libert et al. (EUROCRYPT ’16) of how to efficiently extend the above discrete logarithm proof techniques to the lattice setting. To achieve our result, we introduce new technical tools for design and analysis of algebraic lattice-based zero-knowledge proofs, which may be of independent interest. Using our proof system as a building block, we design a short ring signature scheme, whose security relies on “post-quantum” lattice assumptions. Even for a very large ring size such as 1 billion, our ring signature size is only 3 MB for 128-bit security level compared to 216 MB in the best existing lattice-based result by Libert et al. (EUROCRYPT ’16).

Original languageEnglish
Title of host publicationApplied Cryptography and Network Security
Subtitle of host publication17th International Conference, ACNS 2019 Bogota, Colombia, June 5–7, 2019 Proceedings
EditorsRobert H. Deng, Valérie Gauthier-Umaña, Martín Ochoa, Moti Yung
Place of PublicationCham Switzerland
Number of pages22
ISBN (Electronic)9783030215682
ISBN (Print)9783030215675
Publication statusPublished - 2019
EventInternational Conference on Applied Cryptography and Network Security 2019 - Bogota, Colombia
Duration: 5 Jun 20197 Jun 2019
Conference number: 17th (Proceedings)

Publication series

NameLecture Notes in Computer Science
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349


ConferenceInternational Conference on Applied Cryptography and Network Security 2019
Abbreviated titleACNS 2019
Internet address


  • Lattice-based cryptography
  • Ring signature
  • Zero-knowledge proof

Cite this