Archivio Istituzionale della RicercaA multi-signature scheme allows a list of signers to sign a common message. They are widely used in scenarios where the same message must be signed and transmitted by .N users, and, instead of concatenating .N individual signatures, employing a multi-signature can reduce the data to be sent. In recent years there have been numerous practical proposals in the discrete logarithm setting, such as MuSig2 (CRYPTO’21) for the Schnorr signature. Recently, these attempts have been extended to post-quantum assumptions, with lattice-based proposals such as MuSig-L (CRYPTO’22). Given the growth of group actionbased signatures, a natural question is whether a multi-signature can be built on the same models. In this work, we present the first construction of such a primitive relying on group action assumptions. We obtain a 3- round scheme achieving concurrent security in the ROM. Moreover, we instantiate it using the three candidates to the additional post-quantum NIST’s call, namely LESS, MEDS and ALTEQ, obtaining a good compression rate for different parameters sets
A Framework for Group Action-Based Multi-signatures and Applications to LESS, MEDS, and ALTEQ / D'Alconzo, Giuseppe; Flamini, Andrea; Meneghetti, Alessio; Signorini, Edoardo. - (2025), pp. 99-133. (Intervento presentato al convegno 28th IACR International Conference on Practice and Theory of Public Key Cryptography, PKC 2025 tenutosi a Røros (Norway) nel May 12–15, 2025) [10.1007/978-3-031-91823-0_4].
A Framework for Group Action-Based Multi-signatures and Applications to LESS, MEDS, and ALTEQ
D'Alconzo, Giuseppe;Flamini, Andrea;Signorini, Edoardo
2025
Abstract
A multi-signature scheme allows a list of signers to sign a common message. They are widely used in scenarios where the same message must be signed and transmitted by .N users, and, instead of concatenating .N individual signatures, employing a multi-signature can reduce the data to be sent. In recent years there have been numerous practical proposals in the discrete logarithm setting, such as MuSig2 (CRYPTO’21) for the Schnorr signature. Recently, these attempts have been extended to post-quantum assumptions, with lattice-based proposals such as MuSig-L (CRYPTO’22). Given the growth of group actionbased signatures, a natural question is whether a multi-signature can be built on the same models. In this work, we present the first construction of such a primitive relying on group action assumptions. We obtain a 3- round scheme achieving concurrent security in the ROM. Moreover, we instantiate it using the three candidates to the additional post-quantum NIST’s call, namely LESS, MEDS and ALTEQ, obtaining a good compression rate for different parameters sets
| File | Dimensione | Formato | |
|---|---|---|---|
|
978-3-031-91823-0_4.pdf
accesso riservato
Tipologia:
2a Post-print versione editoriale / Version of Record
Licenza:
Non Pubblico - Accesso privato/ristretto
Dimensione
1.86 MB
Formato
Adobe PDF
|
1.86 MB | Adobe PDF | Visualizza/Apri Richiedi una copia |
|
2024-1691.pdf
embargo fino al 05/05/2026
Tipologia:
2. Post-print / Author's Accepted Manuscript
Licenza:
Pubblico - Tutti i diritti riservati
Dimensione
4.55 MB
Formato
Adobe PDF
|
4.55 MB | Adobe PDF | Visualizza/Apri Richiedi una copia |
Pubblicazioni consigliate
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
https://hdl.handle.net/11583/3000008