We construct a practical lattice-based zero-knowledge argument for proving multiplicative relations between committed values. The underlying commitment scheme that we use is the currently most efficient one of Baum et al. (SCN 2018), and the size of our multiplicative proof (9 KB) is only slightly larger than the 7 KB required for just proving knowledge of the committed values. We additionally expand on the work of Lyubashevsky and Seiler (Eurocrypt 2018) by showing that the above-mentioned result can also apply when working over rings Zq[X]/(Xd+1) where Xd+1 splits into low-degree factors, which is a desirable property for many applications (e.g. range proofs, multiplications over Zq) that take advantage of packing multiple integers into t...
In preparation for the eventual arrival of quantum computers, there has been a significant amount of...
A key component of many lattice-based protocols is a zeroknowledge proof of knowledge of a vector ~s...
We propose the first zero-knowledge argument with sub-linear communication complexity for arithmetic...
We construct a practical lattice-based zero-knowledge argument for proving multiplicative relations ...
This PhD thesis is about practical lattice-based zero-knowledge proof systems. We construct protocol...
International audienceWe provide lattice-based protocols allowing to prove relations among committed...
There has been a lot of recent progress in constructing efficient zero-knowledge proofs for showing ...
We extend a commitment scheme based on the learning with errors over rings (RLWE) problem, and prese...
We extend a commitment scheme based on the learning with errors over rings (RLWE) problem, and prese...
We present efficient Zero-Knowledge Proofs of Knowledge (ZKPoK) for linear and multiplicative relati...
We propose a practical zero-knowledge proof system for proving knowledge of short solutions s, e to ...
Recent works on lattice-based extractable polynomial commitments can be grouped into two classes: (i...
For a public value $y$ and a linear function $f$, giving a zero-knowledge proof of knowledge of a se...
Today\u27s most compact zero-knowledge arguments are based on the hardness of the discrete logarithm...
Abstract. We design an efficient commitment scheme, and companion zero-knowledge proofs of knowledge...
In preparation for the eventual arrival of quantum computers, there has been a significant amount of...
A key component of many lattice-based protocols is a zeroknowledge proof of knowledge of a vector ~s...
We propose the first zero-knowledge argument with sub-linear communication complexity for arithmetic...
We construct a practical lattice-based zero-knowledge argument for proving multiplicative relations ...
This PhD thesis is about practical lattice-based zero-knowledge proof systems. We construct protocol...
International audienceWe provide lattice-based protocols allowing to prove relations among committed...
There has been a lot of recent progress in constructing efficient zero-knowledge proofs for showing ...
We extend a commitment scheme based on the learning with errors over rings (RLWE) problem, and prese...
We extend a commitment scheme based on the learning with errors over rings (RLWE) problem, and prese...
We present efficient Zero-Knowledge Proofs of Knowledge (ZKPoK) for linear and multiplicative relati...
We propose a practical zero-knowledge proof system for proving knowledge of short solutions s, e to ...
Recent works on lattice-based extractable polynomial commitments can be grouped into two classes: (i...
For a public value $y$ and a linear function $f$, giving a zero-knowledge proof of knowledge of a se...
Today\u27s most compact zero-knowledge arguments are based on the hardness of the discrete logarithm...
Abstract. We design an efficient commitment scheme, and companion zero-knowledge proofs of knowledge...
In preparation for the eventual arrival of quantum computers, there has been a significant amount of...
A key component of many lattice-based protocols is a zeroknowledge proof of knowledge of a vector ~s...
We propose the first zero-knowledge argument with sub-linear communication complexity for arithmetic...