Zero-knowledge arguments for matrix-vector relations and lattice-based group encryption
Group encryption (GE) is the natural encryption analogue of group signatures in that it allows verifiably encrypting messages for some anonymous member of a group while providing evidence that the receiver is a properly certified group member. Should the need arise, an opening authority is capable o...
Saved in:
| Main Authors: | , , , , |
|---|---|
| 其他作者: | |
| 格式: | Conference or Workshop Item |
| 語言: | English |
| 出版: |
2020
|
| 主題: | |
| 在線閱讀: | https://hdl.handle.net/10356/142808 |
| 標簽: |
添加標簽
沒有標簽, 成為第一個標記此記錄!
|
| id |
sg-ntu-dr.10356-142808 |
|---|---|
| record_format |
dspace |
| spelling |
sg-ntu-dr.10356-1428082023-02-28T19:17:25Z Zero-knowledge arguments for matrix-vector relations and lattice-based group encryption Libert, Benoǐt Ling, San Mouhartem, Fabrice Nguyen, Khoa Wang, Huaxiong School of Physical and Mathematical Sciences 22nd International Conference on the Theory and Application of Cryptology and Information Security (ASIACRYPT 2016) Science::Mathematics Lattices Zero-knowledge Proofs Group encryption (GE) is the natural encryption analogue of group signatures in that it allows verifiably encrypting messages for some anonymous member of a group while providing evidence that the receiver is a properly certified group member. Should the need arise, an opening authority is capable of identifying the receiver of any ciphertext. As introduced by Kiayias, Tsiounis and Yung (Asiacrypt’07), GE is motivated by applications in the context of oblivious retriever storage systems, anonymous third parties and hierarchical group signatures. This paper provides the first realization of group encryption under lattice assumptions. Our construction is proved secure in the standard model (assuming interaction in the proving phase) under the Learning-With-Errors (LWE) and Short-Integer-Solution (SIS) assumptions. As a crucial component of our system, we describe a new zero-knowledge argument system allowing to demonstrate that a given ciphertext is a valid encryption under some hidden but certified public key, which incurs to prove quadratic statements about LWE relations. Specifically, our protocol allows arguing knowledge of witnesses consisting of X ∈ ℤqm×n, s ∈ ℤnq and a small-norm e ∈ ℤm which underlie a public vector b = X · s + e ∈ ℤmq while simultaneously proving that the matrix X ∈ ℤm×nq has been correctly certified. We believe our proof system to be useful in other applications involving zero-knowledge proofs in the lattice setting. MOE (Min. of Education, S’pore) Accepted version 2020-07-01T08:31:01Z 2020-07-01T08:31:01Z 2016 Conference Paper Libert, B., Ling, S., Mouhartem, F., Nguyen, K., & Wang, H. (2016). Zero-knowledge arguments for matrix-vector relations and lattice-based group encryption. Proceedings of 22nd International Conference on the Theory and Application of Cryptology and Information Security (ASIACRYPT 2016), 10032, 101-131. doi:10.1007/978-3-662-53890-6_4 978-3-662-53889-0 https://hdl.handle.net/10356/142808 10.1007/978-3-662-53890-6_4 2-s2.0-85008152048 10032 101 131 en © 2016 International Association for Cryptologic Research. All rights reserved. This paper was published by Springer in Proceedings of 22nd International Conference on the Theory and Application of Cryptology and Information Security (ASIACRYPT 2016) and is made available with permission of International Association for Cryptologic Research. application/pdf |
| institution |
Nanyang Technological University |
| building |
NTU Library |
| continent |
Asia |
| country |
Singapore Singapore |
| content_provider |
NTU Library |
| collection |
DR-NTU |
| language |
English |
| topic |
Science::Mathematics Lattices Zero-knowledge Proofs |
| spellingShingle |
Science::Mathematics Lattices Zero-knowledge Proofs Libert, Benoǐt Ling, San Mouhartem, Fabrice Nguyen, Khoa Wang, Huaxiong Zero-knowledge arguments for matrix-vector relations and lattice-based group encryption |
| description |
Group encryption (GE) is the natural encryption analogue of group signatures in that it allows verifiably encrypting messages for some anonymous member of a group while providing evidence that the receiver is a properly certified group member. Should the need arise, an opening authority is capable of identifying the receiver of any ciphertext. As introduced by Kiayias, Tsiounis and Yung (Asiacrypt’07), GE is motivated by applications in the context of oblivious retriever storage systems, anonymous third parties and hierarchical group signatures. This paper provides the first realization of group encryption under lattice assumptions. Our construction is proved secure in the standard model (assuming interaction in the proving phase) under the Learning-With-Errors (LWE) and Short-Integer-Solution (SIS) assumptions. As a crucial component of our system, we describe a new zero-knowledge argument system allowing to demonstrate that a given ciphertext is a valid encryption under some hidden but certified public key, which incurs to prove quadratic statements about LWE relations. Specifically, our protocol allows arguing knowledge of witnesses consisting of X ∈ ℤqm×n, s ∈ ℤnq and a small-norm e ∈ ℤm which underlie a public vector b = X · s + e ∈ ℤmq while simultaneously proving that the matrix X ∈ ℤm×nq has been correctly certified. We believe our proof system to be useful in other applications involving zero-knowledge proofs in the lattice setting. |
| author2 |
School of Physical and Mathematical Sciences |
| author_facet |
School of Physical and Mathematical Sciences Libert, Benoǐt Ling, San Mouhartem, Fabrice Nguyen, Khoa Wang, Huaxiong |
| format |
Conference or Workshop Item |
| author |
Libert, Benoǐt Ling, San Mouhartem, Fabrice Nguyen, Khoa Wang, Huaxiong |
| author_sort |
Libert, Benoǐt |
| title |
Zero-knowledge arguments for matrix-vector relations and lattice-based group encryption |
| title_short |
Zero-knowledge arguments for matrix-vector relations and lattice-based group encryption |
| title_full |
Zero-knowledge arguments for matrix-vector relations and lattice-based group encryption |
| title_fullStr |
Zero-knowledge arguments for matrix-vector relations and lattice-based group encryption |
| title_full_unstemmed |
Zero-knowledge arguments for matrix-vector relations and lattice-based group encryption |
| title_sort |
zero-knowledge arguments for matrix-vector relations and lattice-based group encryption |
| publishDate |
2020 |
| url |
https://hdl.handle.net/10356/142808 |
| _version_ |
1759854562181644288 |