CryptoDB
Improved Alternating-Moduli PRFs and Post-Quantum Signatures
| Authors: |
|
|---|---|
| Download: |
|
| Presentation: | Slides |
| Conference: | CRYPTO 2024 |
| Abstract: | We revisit the alternating moduli paradigm for constructing symmetric key primitives with a focus on constructing highly efficient protocols to evaluate them using secure multi-party computation (MPC). The alternating moduli paradigm of Boneh et al. (TCC 2018) enables the construction of various symmetric key primitives with the common characteristic that the inputs are multiplied by two linear maps over different moduli, first over F_2 and then over F_3. The first contribution focuses on efficient two-party evaluation of alternating moduli PRFs, effectively building an oblivious pseudorandom function. We present a generalization of the PRF proposed by Boneh et al. (TCC 18) along with methods to lower the communication and computation. We then provide several variants of our protocols, with different computation and communication tradeoffs, for evaluating the PRF. Most are in the OT/VOLE hybrid model while one is based on specialized garbling. Our most efficient protocol effectively is about 3x faster and requires 1.3x lesser communication. Our next contribution is the efficient evaluation of the OWF f(x) = B *_3 (A *_2 x) proposed by Dinur et al. (CRYPTO 21) where A \in F^{m x n}_2, B \in F^{t x m}_3 and *_p is multiplication mod p. This surprisingly simple OWF can be evaluated within MPC by secret sharing [x] over F_2, locally computing [v] = A *_2 [x], performing a modulus switching protocol to F_3 shares, followed by locally computing the output shares [y] = B *_3 [v]. We design a bespoke MPC-in-the-Head (MPCitH) signature scheme that evaluates the OWF, achieving state of art performance. The resulting signature has a size ranging from 4.0-5.5 KB, achieving between 2-3x reduction compared to Dinur et al. To the best of our knowledge, this is only 5% larger than the smallest signature based on symmetric key primitives, including the latest NIST PQC competition submissions. We additionally show that our core techniques can be extended to build very small post-quantum ring signatures for small-medium sized rings that are competitive with state-of-the-art lattice based schemes. Our techniques are in fact more generally applicable to set membership in MPCitH. |
BibTeX
@inproceedings{crypto-2024-34150,
title={Improved Alternating-Moduli PRFs and Post-Quantum Signatures},
publisher={Springer-Verlag},
doi={10.1007/978-3-031-68397-8_9},
author={Navid Alamati and Guru-Vamsi Policharla and Srinivasan Raghuraman and Peter Rindal},
year=2024
}