Affiliation:
1. State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences , Beijing 100093 , China
2. School of Cyber Security, University of Chinese Academy of Sciences , Beijing 100093 , China
Abstract
Abstract
Bootle et al. in CRYPTO 2019 proposed a zero knowledge proof for an $\mathrm{ISIS}_{m,n,q,\beta }$ instance $A\vec{s} = \vec{u} \bmod q$ with $\|\vec{s}\|_{\infty }\leq \beta $ (BLS scheme). It was implemented by transforming the instance into the form $A^{\prime }\vec{s}^{\prime } =\vec{u}\bmod q$, where the coefficients of $\vec{s}^{\prime}$ are in $\{0,1,2\}$, and proved the latter in an exact way. With the concrete parameters $m=1024,n=2048,\beta =1,q\approx 2^{32}$, their proof is of length 384.03KB. In this paper, we decrease the proof size of BLS scheme by two techniques. The first one takes effect on some special parameters. For these parameters, using the binary basic set instead of the ternary one results in a shorter proof. The second one deals with the repetition of the lower half in BLS scheme. Observing that what the lower half proves is of form $\mathbf{B}\vec{\mathbf{r}}=\vec{\mathbf{t}}$ with a short vector $\vec{\mathbf{r}}$ of polynomials, a variant of parallel repetition can be used to shorten the proof size. Combining these two techniques together, the proof size of the above-mentioned instance can be reduced to 220.01KB, only 57.3$\%$ of BLS scheme.
Funder
National Key Research and Development Program
National Natural Science Foundation of China
Beijing Natural Science Foundation
Publisher
Oxford University Press (OUP)
Reference24 articles.
1. The knowledge complexity of interactive proof systems;Goldwasser;SIAM J. Sci. Comput.,1989
2. Generating hard instances of lattice problems;Ajtai,1996
3. Concurrently secure identification schemes based on the worst-case hardness of lattice problems;Kawachi,2008
4. Improved zero-knowledge proofs of knowledge for the ISIS problem, and applications;Ling,2013
5. A new identification scheme based on syndrome decoding;Stern,1993