[Resource Topic] 2022/1036: MuSig-L: Lattice-Based Multi-Signature With Single-Round Online Phase

Welcome to the resource topic for 2022/1036

Title:
MuSig-L: Lattice-Based Multi-Signature With Single-Round Online Phase

Authors: Cecilia Boschini, Akira Takahashi, Mehdi Tibouchi

Abstract:

Multi-signatures are protocols that allow a group of signers to jointly produce a single signature on the same message. In recent years, a number of practical multi-signature schemes have been proposed in the discrete-log setting, such as MuSig2 (CRYPTO’21) and DWMS (CRYPTO’21). The main technical challenge in constructing a multi-signature scheme is to achieve a set of several desirable properties, such as (1) security in the plain public-key (PPK) model, (2) concurrent security, (3) low online round complexity, and (4) key aggregation. However, previous lattice-based, post-quantum counterparts to Schnorr multi-signatures fail to satisfy these properties.

In this paper, we introduce MuSig-L, a lattice-based multi-signature scheme simultaneously achieving these design goals for the first time. Unlike the recent, round-efficient proposal of Damgård et al. (PKC’21), which had to rely on lattice-based trapdoor commitments, we do not require any additional primitive in the protocol, while being able to prove security from the standard module-SIS and LWE assumptions. The resulting output signature of our scheme therefore looks closer to the usual Fiat–Shamir-with-abort signatures.

ePrint: https://eprint.iacr.org/2022/1036

Talk: https://www.youtube.com/watch?v=71uIOejj-Rc

Slides: https://iacr.org/submit/files/slides/2022/crypto/crypto2022/323/slides.pdf

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics.