[Resource Topic] 2023/263: DualMS: Efficient Lattice-Based Two-Round Multi-Signature with Trapdoor-Free Simulation

Welcome to the resource topic for 2023/263

DualMS: Efficient Lattice-Based Two-Round Multi-Signature with Trapdoor-Free Simulation

Authors: Yanbo Chen


A multi-signature scheme allows multiple signers to jointly sign a common message. Recently, two lattice-based two-round multi-signature schemes based on Dilithium-G were proposed: DOTT by Damgård, Orlandi, Takahashi, and Tibouchi (PKC’21) and MuSig-L by Boschini, Takahashi, and Tibouchi (CRYPTO’22).

In this work, we propose a lattice-based two-round multi-signature scheme called DualMS. Compared to DOTT, DualMS is likely to significantly reduce signature size, since it replaces an opening to a homomorphic trapdoor commitment with a Dilithium-G response in the signature. Compared to MuSig-L, concrete parameters show that DualMS has smaller public keys, signatures, and lower communication, while the first round cannot be preprocessed offline as in MuSig-L.

The main reason behind such improvements is a trapdoor-free “dual signing simulation” of our scheme. Signature simulation of DualMS is virtually identical the normal signing procedure and does not use lattice trapdoors like DOTT and MuSig-L.

ePrint: https://eprint.iacr.org/2023/263

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics .