{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,29]],"date-time":"2026-01-29T20:56:11Z","timestamp":1769720171636,"version":"3.49.0"},"publisher-location":"Cham","reference-count":61,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783030457266","type":"print"},{"value":"9783030457273","type":"electronic"}],"license":[{"start":{"date-parts":[[2020,1,1]],"date-time":"2020-01-01T00:00:00Z","timestamp":1577836800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2020,1,1]],"date-time":"2020-01-01T00:00:00Z","timestamp":1577836800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2020]]},"DOI":"10.1007\/978-3-030-45727-3_8","type":"book-chapter","created":{"date-parts":[[2020,5,1]],"date-time":"2020-05-01T05:02:33Z","timestamp":1588309353000},"page":"212-244","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":22,"title":["Signatures from Sequential-OR Proofs"],"prefix":"10.1007","author":[{"given":"Marc","family":"Fischlin","sequence":"first","affiliation":[]},{"given":"Patrick","family":"Harasser","sequence":"additional","affiliation":[]},{"given":"Christian","family":"Janson","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2020,5,1]]},"reference":[{"key":"8_CR1","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"418","DOI":"10.1007\/3-540-46035-7_28","volume-title":"Advances in Cryptology \u2014 EUROCRYPT 2002","author":"M Abdalla","year":"2002","unstructured":"Abdalla, M., An, J.H., Bellare, M., Namprempre, C.: From identification to signatures via the Fiat-Shamir transform: minimizing assumptions for security and forward-security. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 418\u2013433. Springer, Heidelberg (2002). https:\/\/doi.org\/10.1007\/3-540-46035-7_28"},{"issue":"3","key":"8_CR2","doi-asserted-by":"publisher","first-page":"597","DOI":"10.1007\/s00145-015-9203-7","volume":"29","author":"M Abdalla","year":"2016","unstructured":"Abdalla, M., Fouque, P.-A., Lyubashevsky, V., Tibouchi, M.: Tightly secure signatures from lossy identification schemes. J. Cryptol. 29(3), 597\u2013631 (2016). https:\/\/doi.org\/10.1007\/s00145-015-9203-7","journal-title":"J. Cryptol."},{"key":"8_CR3","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"415","DOI":"10.1007\/3-540-36178-2_26","volume-title":"Advances in Cryptology \u2014 ASIACRYPT 2002","author":"M Abe","year":"2002","unstructured":"Abe, M., Ohkubo, M., Suzuki, K.: 1-out-of-n signatures from a variety of keys. In: Zheng, Y. (ed.) ASIACRYPT 2002. LNCS, vol. 2501, pp. 415\u2013432. Springer, Heidelberg (2002). https:\/\/doi.org\/10.1007\/3-540-36178-2_26"},{"key":"8_CR4","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"143","DOI":"10.1007\/978-3-319-59879-6_9","volume-title":"Post-Quantum Cryptography","author":"E Alkim","year":"2017","unstructured":"Alkim, E., et al.: Revisiting TESLA in the quantum random oracle model. In: Lange, T., Takagi, T. (eds.) PQCrypto 2017. LNCS, vol. 10346, pp. 143\u2013162. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-59879-6_9"},{"key":"8_CR5","doi-asserted-by":"crossref","unstructured":"Ambainis, A., Rosmanis, A., Unruh, D.: Quantum attacks on classical proof systems: the hardness of quantum rewinding. In: 55th FOCS, pp. 474\u2013483 (2014)","DOI":"10.1109\/FOCS.2014.57"},{"key":"8_CR6","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"629","DOI":"10.1007\/978-3-662-46494-6_26","volume-title":"Theory of Cryptography","author":"C Bader","year":"2015","unstructured":"Bader, C., Hofheinz, D., Jager, T., Kiltz, E., Li, Y.: Tightly-secure authenticated key exchange. In: Dodis, Y., Nielsen, J.B. (eds.) TCC 2015, Part I. LNCS, vol. 9014, pp. 629\u2013658. Springer, Heidelberg (2015). https:\/\/doi.org\/10.1007\/978-3-662-46494-6_26"},{"key":"8_CR7","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"28","DOI":"10.1007\/978-3-319-04852-9_2","volume-title":"Topics in Cryptology \u2013 CT-RSA 2014","author":"S Bai","year":"2014","unstructured":"Bai, S., Galbraith, S.D.: An improved compression technique for signatures based on learning with errors. In: Benaloh, J. (ed.) CT-RSA 2014. LNCS, vol. 8366, pp. 28\u201347. Springer, Cham (2014). https:\/\/doi.org\/10.1007\/978-3-319-04852-9_2"},{"key":"8_CR8","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"303","DOI":"10.1007\/978-3-030-01950-1_18","volume-title":"Information and Communications Security","author":"C Baum","year":"2018","unstructured":"Baum, C., Lin, H., Oechsner, S.: Towards practical lattice-based one-time linkable ring signatures. In: Naccache, D., et al. (eds.) ICICS 2018. LNCS, vol. 11149, pp. 303\u2013322. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-030-01950-1_18"},{"key":"8_CR9","doi-asserted-by":"crossref","unstructured":"Bellare, M., Rogaway, P.: Random oracles are practical: a paradigm for designing efficient protocols. In: ACM CCS, vol. 93, pp. 62\u201373 (1993)","DOI":"10.1145\/168588.168596"},{"key":"8_CR10","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"41","DOI":"10.1007\/978-3-642-25385-0_3","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2011","author":"D Boneh","year":"2011","unstructured":"Boneh, D., Dagdelen, \u00d6., Fischlin, M., Lehmann, A., Schaffner, C., Zhandry, M.: Random oracles in a quantum world. In: Lee, D.H., Wang, X. (eds.) ASIACRYPT 2011. LNCS, vol. 7073, pp. 41\u201369. Springer, Heidelberg (2011). https:\/\/doi.org\/10.1007\/978-3-642-25385-0_3"},{"key":"8_CR11","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"59","DOI":"10.1007\/BFb0054117","volume-title":"Advances in Cryptology \u2014 EUROCRYPT\u201998","author":"D Boneh","year":"1998","unstructured":"Boneh, D., Venkatesan, R.: Breaking RSA may not be equivalent to factoring. In: Nyberg, K. (ed.) EUROCRYPT 1998. LNCS, vol. 1403, pp. 59\u201371. Springer, Heidelberg (1998). https:\/\/doi.org\/10.1007\/BFb0054117"},{"key":"8_CR12","doi-asserted-by":"crossref","unstructured":"B\u00fcnz, B., Bootle, J., Boneh, D., Poelstra, A., Wuille, P., Maxwell, G.: Bulletproofs: short proofs for confidential transactions and more. In: 2018 IEEE Symposium on Security and Privacy, pp. 315\u2013334 (2018)","DOI":"10.1109\/SP.2018.00020"},{"key":"8_CR13","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"465","DOI":"10.1007\/3-540-69053-0_32","volume-title":"Advances in Cryptology \u2014 EUROCRYPT 1997","author":"J Camenisch","year":"1997","unstructured":"Camenisch, J.: Efficient and generalized group signatures. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 465\u2013479. Springer, Heidelberg (1997). https:\/\/doi.org\/10.1007\/3-540-69053-0_32"},{"key":"8_CR14","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"280","DOI":"10.1007\/978-3-319-78381-9_11","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2018","author":"J Camenisch","year":"2018","unstructured":"Camenisch, J., Drijvers, M., Gagliardoni, T., Lehmann, A., Neven, G.: The wonderful world of global random oracles. In: Nielsen, J.B., Rijmen, V. (eds.) EUROCRYPT 2018, Part I. LNCS, vol. 10820, pp. 280\u2013312. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-78381-9_11"},{"key":"8_CR15","doi-asserted-by":"crossref","unstructured":"Canetti, R.: Universally composable security: a new paradigm for cryptographic protocols. In: 42nd FOCS, pp. 136\u2013145 (2001)","DOI":"10.1109\/SFCS.2001.959888"},{"key":"8_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"61","DOI":"10.1007\/978-3-540-70936-7_4","volume-title":"Theory of Cryptography","author":"R Canetti","year":"2007","unstructured":"Canetti, R., Dodis, Y., Pass, R., Walfish, S.: Universally composable security with global setup. In: Vadhan, S.P. (ed.) TCC 2007. LNCS, vol. 4392, pp. 61\u201385. Springer, Heidelberg (2007). https:\/\/doi.org\/10.1007\/978-3-540-70936-7_4"},{"key":"8_CR17","doi-asserted-by":"crossref","unstructured":"Canetti, R., Goldreich, O., Halevi, S.: The random oracle methodology, revisited (preliminary version). In: 30th ACM STOC, pp. 209\u2013218 (1998)","DOI":"10.1145\/276698.276741"},{"key":"8_CR18","doi-asserted-by":"crossref","unstructured":"Canetti, R., Jain, A., Scafuro, A.: Practical UC security with a global random oracle. In: ACM CCS 2014, pp. 597\u2013608 (2014)","DOI":"10.1145\/2660267.2660374"},{"key":"8_CR19","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"257","DOI":"10.1007\/3-540-46416-6_22","volume-title":"Advances in Cryptology \u2014 EUROCRYPT 1991","author":"D Chaum","year":"1991","unstructured":"Chaum, D., van Heyst, E.: Group signatures. In: Davies, D.W. (ed.) EUROCRYPT 1991. LNCS, vol. 547, pp. 257\u2013265. Springer, Heidelberg (1991). https:\/\/doi.org\/10.1007\/3-540-46416-6_22"},{"key":"8_CR20","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"112","DOI":"10.1007\/978-3-662-49099-0_5","volume-title":"Theory of Cryptography","author":"M Ciampi","year":"2016","unstructured":"Ciampi, M., Persiano, G., Scafuro, A., Siniscalchi, L., Visconti, I.: Improved OR-composition of sigma-protocols. In: Kushilevitz, E., Malkin, T. (eds.) TCC 2016, Part II. LNCS, vol. 9563, pp. 112\u2013141. Springer, Heidelberg (2016). https:\/\/doi.org\/10.1007\/978-3-662-49099-0_5"},{"key":"8_CR21","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"63","DOI":"10.1007\/978-3-662-49896-5_3","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2016","author":"M Ciampi","year":"2016","unstructured":"Ciampi, M., Persiano, G., Scafuro, A., Siniscalchi, L., Visconti, I.: Online\/offline OR composition of sigma protocols. In: Fischlin, M., Coron, J.-S. (eds.) EUROCRYPT 2016, Part II. LNCS, vol. 9666, pp. 63\u201392. Springer, Heidelberg (2016). https:\/\/doi.org\/10.1007\/978-3-662-49896-5_3"},{"key":"8_CR22","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"75","DOI":"10.1007\/3-540-69053-0_7","volume-title":"Advances in Cryptology \u2014 EUROCRYPT 1997","author":"R Cramer","year":"1997","unstructured":"Cramer, R., Damg\u00e5rd, I.: Fast and secure immunization against adaptive man-in-the-middle impersonation. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 75\u201387. Springer, Heidelberg (1997). https:\/\/doi.org\/10.1007\/3-540-69053-0_7"},{"key":"8_CR23","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"174","DOI":"10.1007\/3-540-48658-5_19","volume-title":"Advances in Cryptology \u2014 CRYPTO 1994","author":"R Cramer","year":"1994","unstructured":"Cramer, R., Damg\u00e5rd, I., Schoenmakers, B.: Proofs of partial knowledge and simplified design of witness hiding protocols. In: Desmedt, Y.G. (ed.) CRYPTO 1994. LNCS, vol. 839, pp. 174\u2013187. Springer, Heidelberg (1994). https:\/\/doi.org\/10.1007\/3-540-48658-5_19"},{"key":"8_CR24","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"62","DOI":"10.1007\/978-3-642-42045-0_4","volume-title":"Advances in Cryptology - ASIACRYPT 2013","author":"\u00d6 Dagdelen","year":"2013","unstructured":"Dagdelen, \u00d6., Fischlin, M., Gagliardoni, T.: The Fiat\u2013Shamir transformation in a quantum world. In: Sako, K., Sarkar, P. (eds.) ASIACRYPT 2013, Part II. LNCS, vol. 8270, pp. 62\u201381. Springer, Heidelberg (2013). https:\/\/doi.org\/10.1007\/978-3-642-42045-0_4"},{"key":"8_CR25","unstructured":"Damg\u00e5rd, I.: On $$\\Sigma $$-protocols. Lecture Notes, Department for Computer Science, University of Aarhus (2002)"},{"key":"8_CR26","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"515","DOI":"10.1007\/978-3-540-85174-5_29","volume-title":"Advances in Cryptology \u2013 CRYPTO 2008","author":"Y Dodis","year":"2008","unstructured":"Dodis, Y., Shoup, V., Walfish, S.: Efficient constructions of composable commitments and zero-knowledge proofs. In: Wagner, D. (ed.) CRYPTO 2008. LNCS, vol. 5157, pp. 515\u2013535. Springer, Heidelberg (2008). https:\/\/doi.org\/10.1007\/978-3-540-85174-5_29"},{"key":"8_CR27","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"356","DOI":"10.1007\/978-3-030-26951-7_13","volume-title":"Advances in Cryptology \u2013 CRYPTO 2019","author":"J Don","year":"2019","unstructured":"Don, J., Fehr, S., Majenz, C., Schaffner, C.: Security of the Fiat-Shamir transformation in the quantum random-oracle model. In: Boldyreva, A., Micciancio, D. (eds.) CRYPTO 2019, Part II. LNCS, vol. 11693, pp. 356\u2013383. Springer, Cham (2019). https:\/\/doi.org\/10.1007\/978-3-030-26951-7_13"},{"key":"8_CR28","doi-asserted-by":"crossref","unstructured":"Ducas, E. et al.: CRYSTALS-Dilithium: a lattice-based digital signature scheme. IACR TCHES 2018, vol. 1, pp. 238\u2013268 (2018). https:\/\/tches.iacr.org\/index.php\/TCHES\/article\/view\/839","DOI":"10.46586\/tches.v2018.i1.238-268"},{"key":"8_CR29","unstructured":"Ducas, L., et al.: Crystals-Dilithium: algorithm specifications and supporting documentation (2019). https:\/\/pq-crystals.org\/dilithium\/index.shtml"},{"key":"8_CR30","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"115","DOI":"10.1007\/978-3-030-26948-7_5","volume-title":"Advances in Cryptology \u2013 CRYPTO 2019","author":"MF Esgin","year":"2019","unstructured":"Esgin, M.F., Steinfeld, R., Liu, J.K., Liu, D.: Lattice-based zero-knowledge proofs: new techniques for shorter and faster constructions and applications. In: Boldyreva, A., Micciancio, D. (eds.) CRYPTO 2019, Part I. LNCS, vol. 11692, pp. 115\u2013146. Springer, Cham (2019). https:\/\/doi.org\/10.1007\/978-3-030-26948-7_5"},{"key":"8_CR31","doi-asserted-by":"crossref","unstructured":"Feige, U., Shamir, A.: Witness indistinguishable and witness hiding protocols. In: 22nd ACM STOC, pp. 416\u2013426 (1990)","DOI":"10.1145\/100216.100272"},{"key":"8_CR32","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"186","DOI":"10.1007\/3-540-47721-7_12","volume-title":"Advances in Cryptology \u2014 CRYPTO 1986","author":"A Fiat","year":"1987","unstructured":"Fiat, A., Shamir, A.: How to prove yourself: practical solutions to identification and signature problems. In: Odlyzko, A.M. (ed.) CRYPTO 1986. LNCS, vol. 263, pp. 186\u2013194. Springer, Heidelberg (1987). https:\/\/doi.org\/10.1007\/3-540-47721-7_12"},{"key":"8_CR33","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"444","DOI":"10.1007\/978-3-642-38348-9_27","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2013","author":"M Fischlin","year":"2013","unstructured":"Fischlin, M., Fleischhacker, N.: Limitations of the meta-reduction technique: the case of Schnorr signatures. In: Johansson, T., Nguyen, P.Q. (eds.) EUROCRYPT 2013. LNCS, vol. 7881, pp. 444\u2013460. Springer, Heidelberg (2013). https:\/\/doi.org\/10.1007\/978-3-642-38348-9_27"},{"key":"8_CR34","doi-asserted-by":"crossref","unstructured":"Fischlin, M., Harasser, P., Janson, C.: Signatures from sequential-OR proofs. IACR Cryptology ePrint Archive (2020). https:\/\/eprint.iacr.org\/2020\/271","DOI":"10.1007\/978-3-030-45727-3_8"},{"key":"8_CR35","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"303","DOI":"10.1007\/978-3-642-17373-8_18","volume-title":"Advances in Cryptology - ASIACRYPT 2010","author":"M Fischlin","year":"2010","unstructured":"Fischlin, M., Lehmann, A., Ristenpart, T., Shrimpton, T., Stam, M., Tessaro, S.: Random oracles with(out) Programmability. In: Abe, M. (ed.) ASIACRYPT 2010. LNCS, vol. 6477, pp. 303\u2013320. Springer, Heidelberg (2010). https:\/\/doi.org\/10.1007\/978-3-642-17373-8_18"},{"key":"8_CR36","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"389","DOI":"10.1007\/978-3-319-45871-7_23","volume-title":"Information Security","author":"M Fukumitsu","year":"2016","unstructured":"Fukumitsu, M., Hasegawa, S.: Impossibility on the provable security of the Fiat-Shamir-Type signatures in the non-programmable random oracle model. In: Bishop, M., Nascimento, A.C.A. (eds.) ISC 2016. LNCS, vol. 9866, pp. 389\u2013407. Springer, Cham (2016). https:\/\/doi.org\/10.1007\/978-3-319-45871-7_23"},{"key":"8_CR37","doi-asserted-by":"crossref","unstructured":"Fukumitsu, M., Hasegawa, S.: Black-box separations on Fiat-Shamir-type signatures in the non-programmable random oracle model. IEICE Trans. 101-A(1), 77\u201387 (2018)","DOI":"10.1587\/transfun.E101.A.77"},{"key":"8_CR38","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"177","DOI":"10.1007\/3-540-39200-9_11","volume-title":"Advances in Cryptology \u2014 EUROCRYPT 2003","author":"JA Garay","year":"2003","unstructured":"Garay, J.A., MacKenzie, P., Yang, K.: Strengthening zero-knowledge protocols using signatures. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 177\u2013194. Springer, Heidelberg (2003). https:\/\/doi.org\/10.1007\/3-540-39200-9_11"},{"key":"8_CR39","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"95","DOI":"10.1007\/978-3-319-96881-0_4","volume-title":"Advances in Cryptology \u2013 CRYPTO 2018","author":"K Gj\u00f8steen","year":"2018","unstructured":"Gj\u00f8steen, K., Jager, T.: Practical and tightly-secure digital signatures and authenticated key exchange. In: Shacham, H., Boldyreva, A. (eds.) CRYPTO 2018, Part II. LNCS, vol. 10992, pp. 95\u2013125. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-96881-0_4"},{"issue":"2","key":"8_CR40","doi-asserted-by":"publisher","first-page":"281","DOI":"10.1137\/0217017","volume":"17","author":"S Goldwasser","year":"1988","unstructured":"Goldwasser, S., Micali, S., Rivest, R.L.: A digital signature scheme secure against adaptive chosen-message attacks. SIAM J. Comput. 17(2), 281\u2013308 (1988)","journal-title":"SIAM J. Comput."},{"key":"8_CR41","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"123","DOI":"10.1007\/3-540-45961-8_11","volume-title":"Advances in Cryptology \u2014 EUROCRYPT 1988","author":"LC Guillou","year":"1988","unstructured":"Guillou, L.C., Quisquater, J.-J.: A practical zero-knowledge protocol fitted to security microprocessor minimizing both transmission and memory. In: Barstow, D., et al. (eds.) EUROCRYPT 1988. LNCS, vol. 330, pp. 123\u2013128. Springer, Heidelberg (1988). https:\/\/doi.org\/10.1007\/3-540-45961-8_11"},{"key":"8_CR42","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"590","DOI":"10.1007\/978-3-642-32009-5_35","volume-title":"Advances in Cryptology \u2013 CRYPTO 2012","author":"D Hofheinz","year":"2012","unstructured":"Hofheinz, D., Jager, T.: Tightly secure signatures and public-key encryption. In: Safavi-Naini, R., Canetti, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 590\u2013607. Springer, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-32009-5_35"},{"key":"8_CR43","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"143","DOI":"10.1007\/3-540-68339-9_13","volume-title":"Advances in Cryptology \u2014 EUROCRYPT 1996","author":"M Jakobsson","year":"1996","unstructured":"Jakobsson, M., Sako, K., Impagliazzo, R.: Designated verifier proofs and their applications. In: Maurer, U. (ed.) EUROCRYPT 1996. LNCS, vol. 1070, pp. 143\u2013154. Springer, Heidelberg (1996). https:\/\/doi.org\/10.1007\/3-540-68339-9_13"},{"key":"8_CR44","unstructured":"Jedusor, T.E.: MimbleWimble (2016). https:\/\/download.wpsoftware.net\/bitcoin\/wizardry\/mimblewimble.txt"},{"key":"8_CR45","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"552","DOI":"10.1007\/978-3-319-78372-7_18","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2018","author":"E Kiltz","year":"2018","unstructured":"Kiltz, E., Lyubashevsky, V., Schaffner, C.: A concrete treatment of Fiat-Shamir signatures in the quantum random-oracle model. In: Nielsen, J.B., Rijmen, V. (eds.) EUROCRYPT 2018, Part III. LNCS, vol. 10822, pp. 552\u2013586. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-78372-7_18"},{"key":"8_CR46","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"93","DOI":"10.1007\/978-3-662-46494-6_5","volume-title":"Theory of Cryptography","author":"Y Lindell","year":"2015","unstructured":"Lindell, Y.: An efficient transform from sigma protocols to NIZK with a CRS and non-programmable random oracle. In: Dodis, Y., Nielsen, J.B. (eds.) TCC 2015, Part I. LNCS, vol. 9014, pp. 93\u2013109. Springer, Heidelberg (2015). https:\/\/doi.org\/10.1007\/978-3-662-46494-6_5"},{"key":"8_CR47","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"325","DOI":"10.1007\/978-3-540-27800-9_28","volume-title":"Information Security and Privacy","author":"JK Liu","year":"2004","unstructured":"Liu, J.K., Wei, V.K., Wong, D.S.: Linkable spontaneous anonymous group signature for ad hoc groups (extended abstract). In: Wang, H., Pieprzyk, J., Varadharajan, V. (eds.) ACISP 2004. LNCS, vol. 3108, pp. 325\u2013335. Springer, Heidelberg (2004). https:\/\/doi.org\/10.1007\/978-3-540-27800-9_28"},{"key":"8_CR48","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"326","DOI":"10.1007\/978-3-030-26951-7_12","volume-title":"Advances in Cryptology \u2013 CRYPTO 2019","author":"Q Liu","year":"2019","unstructured":"Liu, Q., Zhandry, M.: Revisiting post-quantum Fiat-Shamir. In: Boldyreva, A., Micciancio, D. (eds.) CRYPTO 2019, Part II. LNCS, vol. 11693, pp. 326\u2013355. Springer, Cham (2019). https:\/\/doi.org\/10.1007\/978-3-030-26951-7_12"},{"key":"8_CR49","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"738","DOI":"10.1007\/978-3-642-29011-4_43","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2012","author":"V Lyubashevsky","year":"2012","unstructured":"Lyubashevsky, V.: Lattice signatures without trapdoors. In: Pointcheval, D., Johansson, T. (eds.) EUROCRYPT 2012. LNCS, vol. 7237, pp. 738\u2013755. Springer, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-29011-4_43"},{"key":"8_CR50","unstructured":"Maxwell, G., Poelstra, A.: Borromean ring signatures (2015). https:\/\/pdfs.semanticscholar.org\/4160\/470c7f6cf05ffc81a98e8fd67fb0c84836ea.pdf"},{"key":"8_CR51","volume-title":"Quantum Computation and Quantum Information: 10th Anniversary Edition","author":"MA Nielsen","year":"2011","unstructured":"Nielsen, M.A., Chuang, I.L.: Quantum Computation and Quantum Information: 10th Anniversary Edition, 10th edn. Cambridge University Press, New York (2011)","edition":"10"},{"key":"8_CR52","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"31","DOI":"10.1007\/3-540-48071-4_3","volume-title":"Advances in Cryptology \u2014 CRYPTO 1992","author":"T Okamoto","year":"1993","unstructured":"Okamoto, T.: Provably secure and practical identification schemes and corresponding signature schemes. In: Brickell, E.F. (ed.) CRYPTO 1992. LNCS, vol. 740, pp. 31\u201353. Springer, Heidelberg (1993). https:\/\/doi.org\/10.1007\/3-540-48071-4_3"},{"key":"8_CR53","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/11593447_1","volume-title":"Advances in Cryptology - ASIACRYPT 2005","author":"P Paillier","year":"2005","unstructured":"Paillier, P., Vergnaud, D.: Discrete-log-based signatures may not be equivalent to discrete log. In: Roy, B. (ed.) ASIACRYPT 2005. LNCS, vol. 3788, pp. 1\u201320. Springer, Heidelberg (2005). https:\/\/doi.org\/10.1007\/11593447_1"},{"key":"8_CR54","unstructured":"Poelstra, A.: MimbleWimble (2016). https:\/\/download.wpsoftware.net\/bitcoin\/wizardry\/mimblewimble.pdf"},{"issue":"3","key":"8_CR55","doi-asserted-by":"publisher","first-page":"361","DOI":"10.1007\/s001450010003","volume":"13","author":"D Pointcheval","year":"2000","unstructured":"Pointcheval, D., Stern, J.: Security arguments for digital signatures and blind signatures. J. Cryptol. 13(3), 361\u2013396 (2000). https:\/\/doi.org\/10.1007\/s001450010003","journal-title":"J. Cryptol."},{"key":"8_CR56","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"552","DOI":"10.1007\/3-540-45682-1_32","volume-title":"Advances in Cryptology \u2014 ASIACRYPT 2001","author":"RL Rivest","year":"2001","unstructured":"Rivest, R.L., Shamir, A., Tauman, Y.: How to leak a secret. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 552\u2013565. Springer, Heidelberg (2001). https:\/\/doi.org\/10.1007\/3-540-45682-1_32"},{"issue":"3","key":"8_CR57","doi-asserted-by":"publisher","first-page":"161","DOI":"10.1007\/BF00196725","volume":"4","author":"C-P Schnorr","year":"1991","unstructured":"Schnorr, C.-P.: Efficient signature generation by smart cards. J. Cryptol. 4(3), 161\u2013174 (1991). https:\/\/doi.org\/10.1007\/BF00196725","journal-title":"J. Cryptol."},{"key":"8_CR58","unstructured":"van Saberhagen, N.: CryptoNote v 2.0 (2013). https:\/\/cryptonote.org\/whitepaper.pdf"},{"key":"8_CR59","unstructured":"Venturi, D.: Zero-knowledge proofs and applications (2015). http:\/\/wwwusers.di.uniroma1.it\/~venturi\/misc\/zero-knowledge.pdf"},{"key":"8_CR60","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"758","DOI":"10.1007\/978-3-642-32009-5_44","volume-title":"Advances in Cryptology \u2013 CRYPTO 2012","author":"M Zhandry","year":"2012","unstructured":"Zhandry, M.: Secure identity-based encryption in the quantum random oracle model. In: Safavi-Naini, R., Canetti, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 758\u2013775. Springer, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-32009-5_44"},{"key":"8_CR61","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"435","DOI":"10.1007\/978-3-319-26059-4_24","volume-title":"Provable Security","author":"Z Zhang","year":"2015","unstructured":"Zhang, Z., Chen, Y., Chow, S.S.M., Hanaoka, G., Cao, Z., Zhao, Y.: Black-box separations of hash-and-sign signatures in the non-programmable random oracle model. In: Au, M.-H., Miyaji, A. (eds.) ProvSec 2015. LNCS, vol. 9451, pp. 435\u2013454. Springer, Cham (2015). https:\/\/doi.org\/10.1007\/978-3-319-26059-4_24"}],"container-title":["Lecture Notes in Computer Science","Advances in Cryptology \u2013 EUROCRYPT 2020"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-45727-3_8","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,5,1]],"date-time":"2023-05-01T00:06:35Z","timestamp":1682899595000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-030-45727-3_8"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020]]},"ISBN":["9783030457266","9783030457273"],"references-count":61,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-45727-3_8","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2020]]},"assertion":[{"value":"1 May 2020","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"EUROCRYPT","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Annual International Conference on the Theory and Applications of Cryptographic Techniques","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Zagreb","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Croatia","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2020","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"10 May 2020","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"14 May 2020","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"39","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"eurocrypt2020","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/eurocrypt.iacr.org\/2020\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"IACR websubrev","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"375","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"81","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"22% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"20","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"This content has been made available to all.","name":"free","label":"Free to read"}]}}