CryptoDB
Practical Product Proofs for Lattice Commitments
| Authors: |
|
|---|---|
| Download: |
|
| Conference: | CRYPTO 2020 |
| Abstract: | We construct a practical lattice-based zero-knowledge argument for proving multiplicative relations between committed values. The underlying commitment scheme that we use is the currently most efficient one of Baum et al. (SCN 2018), and the size of our multiplicative proof is only slightly larger than of the one for just proving knowledge of the committed values. We additionally improve on the results of Lyubashevsky and Seiler (Eurocrypt 2018) to show that the above-mentioned techniques can work over rings $Z_q[X]/(X^d+1)$ where $X^d+1$ splits into low-degree factors, which is a property necessary for many applications. In particular, we use Fourier analysis to show that the NTT coefficients of random small-norm challenges are not concentrated on any particular value. |
Video from CRYPTO 2020
BibTeX
@inproceedings{crypto-2020-30475,
title={Practical Product Proofs for Lattice Commitments},
publisher={Springer-Verlag},
doi={10.1007/978-3-030-56880-1_17},
author={Thomas Attema and Vadim Lyubashevsky and Gregor Seiler},
year=2020
}