Abstract The famous Fiat-Shamir transformation turns any public-coin three-round interactive
proof, ie, any so-called Σ-protocol, into a non-interactive proof in the random-oracle model …

We show a lattice-based solution for commit-and-prove transparent circuit zero-knowledge
(ZK) with polylog-communication, the first not depending on PCPs. We start from …

We show the following generic result: When a quantum query algorithm in the quantum
random-oracle model outputs a classical value t that is promised to be in some tight relation …

Blind signatures, proposed by Chaum (CRYPTO'82), are interactive protocols between a
signer and a user, where a user can obtain a signature without revealing the message to be …

Increasing deployment of advanced zero-knowledge proof systems, especially zkSNARKs,
has raised critical questions about their security against real-world attacks. Two classes of …

Today's most compact zero-knowledge arguments are based on the hardness of the discrete
logarithm problem and related classical assumptions. If one is interested in quantum-safe …

Signature schemes based on the MPC-in-the-head approach (MPCitH) have either been
designed by taking a proof system and selecting a suitable symmetric-key primitive (Picnic …

In a set membership proof, the public information consists of a set of elements and a
commitment. The prover then produces a zero-knowledge proof showing that the …

This work introduces Banquet, a digital signature scheme with post-quantum security,
constructed using only symmetric-key primitives. The design is based on the MPC-in-head …

With the emergence of quantum computers, traditional cryptographic methods are
vulnerable to attacks, emphasizing the need for post-quantum cryptography to secure …