ACMBeullens, WardLyubashevsky, VadimNgoc Khanh NguyenSeiler, Gregor2024-03-182024-03-182024-03-182023-01-0110.1145/3576915.3616613https://infoscience.epfl.ch/handle/20.500.14299/206292WOS:001124987200002We propose a 2-round blind signature protocol based on the random oracle heuristic and the hardness of standard lattice problems (Ring/Module-SIS/LWE and NTRU) with a signature size of 22 KB. The protocol is round-optimal and has a transcript size that can be as small as 60 KB. This blind signature is around 4 times shorter than the most compact lattice-based scheme based on standard assumptions of del Pino and Katsumata (Crypto 2022) and around 2 times shorter than the scheme of Agrawal et al. (CCS 2022) based on their newly-proposed one-more-ISIS assumption. We also propose a "keyed-verification" blind signature scheme in which the verifier and the signer need to share a secret key. This scheme has a smaller signature size of only 48 bytes, but further work is needed to explore the efficiency of its signature generation protocol.TechnologyLattice-Based CryptographyPost-Quantum CryptographyBlind Signaturestext::conference output::conference proceedings::conference paper