Date: 10/04/2025
Speaker: Dung Bui (IRIF, Université Paris Cité, France).
Title: Faster Signatures from MPC-in-the-Head
Abstract: We revisit the construction of signature schemes using the MPC-in-the-head paradigm. We obtain two main contributions:
- We observe that previous signatures in the MPC-in-the-head paradigm must rely on a salted version of the GGM puncturable pseudorandom function (PPRF) to avoid collision attacks. We design a new efficient PPRF construction that is provably secure in the multi-instance setting. The security analysis of our PPRF, in the ideal cipher model, is quite involved and forms a core technical contribution to our work. While previous constructions had to rely on a hash function, our construction uses only a fixed-key block cipher and is considerably more efficient as a result: we observe a 12× to 55× speed improvement for a recent signature scheme (Joux and Huth, Crypto’24). Our improved PPRF can be used to speed up many MPC-in-the-head signatures.
- We introduce a new signature scheme from the regular syndrome decoding assumption based on a new protocol for the MPC-in-the-head paradigm, which significantly reduces communication compared to previous works. Our scheme is conceptually simple, though its security analysis requires a delicate and nontrivial combinatorial analysis.
This is joint work with Eliana Carozza, Geoffroy Couteau, Dahmun Goudarzi, and Antoine Joux. The work was presented at the IACR Asiacrypt 2024 conference.
Article link: https://ia.cr/2024/252
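To make the first contribution concrete, here is an added example (not code from the paper or the speaker) of the textbook GGM puncturable PRF that MPC-in-the-head signatures use as their seed tree: a length-doubling PRG expands a root seed into 2^depth leaf seeds, one per simulated party, and the signer opens all leaves but one by sending the co-path (the sibling of each node on the path to the hidden leaf). The PRG here is hash-based with a per-instance salt and the tree level folded into every call, which is the "salted GGM" the abstract refers to; without the salt the PRG depends on the seed alone, so a 128-bit node value that repeats across two instances reproduces the same subtree, which is the cross-instance collision the salt prevents. The fixed-key block-cipher PPRF the talk introduces is not reproduced here; the choice of SHA-256 as the PRG, the 128-bit seed length, and all inputs are this example's own assumptions.

```python
"""Salted GGM puncturable PRF (textbook version, hash-based). Illustration only,
not the construction from the talk."""
import hashlib
import secrets

SEED_LEN = 16  # 128-bit seeds, the usual choice in MPC-in-the-head signatures


def prg(salt: bytes, level: int, seed: bytes) -> tuple:
    """Length-doubling PRG for one tree node. The per-instance salt and the tree
    level are folded into every call, so a node value that happens to repeat in
    another instance (another signature) does not reproduce the same subtree.
    Assumption: SHA-256 as the PRG; the talk's scheme uses a fixed-key block cipher."""
    h = hashlib.sha256(salt + bytes([level]) + seed).digest()
    return h[:SEED_LEN], h[SEED_LEN:]


def expand(salt: bytes, seed: bytes, level: int, remaining: int) -> list:
    """All leaves of the subtree rooted at `seed` (which sits at `level` and has
    `remaining` levels below it), in left-to-right order."""
    nodes = [seed]
    for d in range(level, level + remaining):
        nodes = [child for s in nodes for child in prg(salt, d, s)]
    return nodes


def all_leaves(salt: bytes, root: bytes, depth: int) -> list:
    """Signer side: full evaluation, one leaf seed per simulated party."""
    return expand(salt, root, 0, depth)


def puncture(salt: bytes, root: bytes, depth: int, index: int) -> list:
    """Co-path for leaf `index`: the sibling of every node on the root-to-leaf
    path, top-down. Its `depth` seeds let the receiver rebuild every leaf except
    `index`, which is how an MPCitH signer opens all parties but one."""
    copath, node = [], root
    for d in range(depth):
        left, right = prg(salt, d, node)
        if (index >> (depth - 1 - d)) & 1:
            copath.append(left)
            node = right
        else:
            copath.append(right)
            node = left
    return copath


def expand_punctured(salt: bytes, copath: list, depth: int, index: int) -> dict:
    """Verifier side: rebuild every leaf except `index` from the co-path."""
    leaves = {}
    for d, sibling in enumerate(copath):
        bit = (index >> (depth - 1 - d)) & 1
        # position of the sibling node at level d+1: path prefix with the last bit flipped
        sib_prefix = ((index >> (depth - d)) << 1) | (bit ^ 1)
        first_leaf = sib_prefix << (depth - d - 1)
        for k, leaf in enumerate(expand(salt, sibling, d + 1, depth - d - 1)):
            leaves[first_leaf + k] = leaf
    return leaves


if __name__ == "__main__":
    # constructed instance: a fresh salt per signature and a random root seed
    salt, root = secrets.token_bytes(32), secrets.token_bytes(SEED_LEN)
    depth, hidden = 4, 5
    full = all_leaves(salt, root, depth)
    opened = expand_punctured(salt, puncture(salt, root, depth, hidden), depth, hidden)
    assert hidden not in opened and all(opened[i] == full[i] for i in opened)
    print(f"recovered {len(opened)} of {len(full)} leaves; leaf {hidden} stays hidden")
```

The co-path is what makes the opening cheap: `depth` seeds instead of 2^depth - 1 leaves. Changing the salt while keeping the same root gives an unrelated tree, which is the domain separation between instances that the abstract says earlier schemes had to obtain from a salted hash-based GGM.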
___________________________________________________
Date: 17/04/2025
Speaker: Ky Nguyen (DIENS, École normale supérieure, CNRS, PSL University, Paris, France).
Time: 14:00 - 15:30, Thursday, 17/04/2025
Mode of participation: VIASM/VMM Joint Online Cryptography Seminar
Title: Pairing-Free Blind Signatures from Standard Assumptions in the ROM
Abstract: Blind Signatures are a useful primitive for privacy preserving applications such as electronic payments, e-voting, anonymous credentials, and more. However, existing practical blind signature schemes based on standard assumptions require either pairings or lattices. We present the first practical construction of a round-optimal blind signature in the random oracle model based on standard assumptions without resorting to pairings or lattices. In particular, our construction is secure under the strong RSA assumption and DDH (in pairing-free groups). For our construction, we provide a NIZK-friendly signature based on strong RSA, and efficiently instantiate a variant of Fischlin’s generic framework (CRYPTO’06). Our Blind Signature scheme has signatures of size 4.28 KB and communication cost 10.98 KB. On the way, we develop techniques that might be of independent interest. In particular, we provide efficient relaxed range-proofs for large ranges with subversion zero-knowledge and compact commitments to elements of arbitrary groups.
This is joint work with Julia Kastner (CWI) and Michael Reichle (ETH Zurich), available at https://eprint.iacr.org/2023/1810
The work was presented at the IACR Crypto 2024 conference.
___________________________________________________
Date: 24/04/2025
Speaker: Duy Nguyen (Telecom Paris, Institut Polytechnique de Paris, France)
Time: 14:00 - 15:30, Thursday, 24/04/2025
Mode of participation: VIASM/VMM Joint Online Cryptography Seminar
Title: Dynamic Decentralized Functional Encryptions from Pairings in the Standard Model
Abstract: Dynamic Decentralized Functional Encryption (DDFE), introduced by Chotard et al. (CRYPTO'20), represents a robust generalization of (Multi-Client) Functional Encryption. It allows users to dynamically join and contribute private inputs to individually controlled joint functions without requiring a trusted authority.
Recently, Shi and Vanjani (PKC'23) proposed the first Multi-Client Functional Encryption scheme for function-hiding inner products (FH-IP) without relying on random oracles. Unfortunately, their construction still requires a trusted key authority, leaving open the question of whether a full-fledged FH-IP-DDFE can exist in the standard model. In this work, we answer this question affirmatively by introducing Updatable Pseudorandom Zero Sharing, a novel concept that provides both the critical functionality and security properties needed to construct secure DDFE schemes in the standard model.
Our second contribution is a novel proof strategy, which preserves adaptive security when transforming any functional encryption scheme for FH-IP into FH-IP-DDFE. Together, these two techniques enable a modular construction of FH-IP-DDFE that is secure against adaptive message and key queries in the standard model.
Additionally, our pseudorandom zero-sharing scheme is highly versatile, enabling the first DDFE for attribute-weighted sums in the standard model, complementing the recent ROM-based construction by Agrawal et al. (CRYPTO'23).
This work will be presented at the IACR PKC 2025 conference.
Article link: https://eprint.iacr.org/2024/580.pdf
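The abstract names pseudorandom zero sharing as the tool that removes the trusted authority. As an added example (not code from the paper or the speaker), here is the classic, non-updatable form of that primitive: every pair of users i < j holds a symmetric key k_ij, and for a label each user computes the sum of PRF(k_ij, label) over its peers, taken with a plus sign towards larger user ids and a minus sign towards smaller ones. Every pairwise term then appears exactly once with each sign, so the shares of all users sum to zero while each share on its own is pseudorandom, which lets users mask private inputs so that only the aggregate survives. The updatable variant introduced in the talk is not reproduced. Assumptions of this example: HMAC-SHA256 reduced modulo a Mersenne prime as the PRF, pairwise keys derived from a constructed master secret for determinism (in a decentralized scheme they would come from a key exchange between the two users), and the constructed user ids, inputs and labels.

```python
"""Classic pseudorandom zero sharing (non-updatable). Illustration only, not the
updatable construction from the talk."""
import hashlib
import hmac

P = 2**127 - 1  # share modulus; an illustrative prime, not a parameter from the talk


def derive_pair_keys(uids, master: bytes) -> dict:
    """Constructed pairwise keys k_{ij} for the example. In a real decentralized
    scheme users i and j would agree on k_{ij} through a key exchange; here the
    keys are derived from a constructed master secret purely for determinism."""
    keys = {}
    ordered = sorted(uids)
    for a in range(len(ordered)):
        for b in range(a + 1, len(ordered)):
            i, j = ordered[a], ordered[b]
            keys[frozenset((i, j))] = hashlib.sha256(master + f"{i}|{j}".encode()).digest()
    return keys


def prf(key: bytes, label: bytes) -> int:
    """PRF F(k, label) with output in Z_P (assumption: HMAC-SHA256 reduced mod P)."""
    return int.from_bytes(hmac.new(key, label, hashlib.sha256).digest(), "big") % P


def zero_share(uid: int, uids, pair_keys: dict, label: bytes) -> int:
    """User `uid`'s share for `label`: the signed sum of F(k_{uid,j}, label) over
    all other users j. The term for the pair {i, j} enters i's share with + and
    j's share with - (for i < j), so the shares of all users sum to 0 mod P."""
    share = 0
    for j in uids:
        if j == uid:
            continue
        term = prf(pair_keys[frozenset((uid, j))], label)
        share += term if uid < j else -term
    return share % P


def mask_inputs(inputs: dict, pair_keys: dict, label: bytes) -> dict:
    """Each user adds its zero share to its private input. Individually the
    masked values are pseudorandom; jointly the masks cancel."""
    uids = sorted(inputs)
    return {i: (inputs[i] + zero_share(i, uids, pair_keys, label)) % P for i in uids}


def aggregate(masked: dict) -> int:
    """Anyone holding all masked values recovers the sum of the inputs, and
    nothing else, because the zero shares cancel."""
    return sum(masked.values()) % P


if __name__ == "__main__":
    uids = [1, 2, 3, 4]  # constructed users
    keys = derive_pair_keys(uids, b"constructed-master-secret")
    inputs = {1: 10, 2: 20, 3: 30, 4: 40}  # constructed private inputs
    masked = mask_inputs(inputs, keys, b"label:2025-04-24")
    print(aggregate(masked))  # 100
```

The label is what ties shares to one joint computation: the same inputs masked under a different label give different masked values, yet the same aggregate. A user who leaves or joins changes the set of pairs and therefore the set of keys needed, which is the dynamic aspect the DDFE notion has to handle.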