{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,7]],"date-time":"2026-03-07T10:14:39Z","timestamp":1772878479312,"version":"3.50.1"},"publisher-location":"Cham","reference-count":30,"publisher":"Springer Nature Switzerland","isbn-type":[{"value":"9783031159787","type":"print"},{"value":"9783031159794","type":"electronic"}],"license":[{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2022]]},"DOI":"10.1007\/978-3-031-15979-4_25","type":"book-chapter","created":{"date-parts":[[2022,10,12]],"date-time":"2022-10-12T16:25:31Z","timestamp":1665591931000},"page":"729-757","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":13,"title":["Efficient\u00a0NIZKs\u00a0and\u00a0Signatures\u00a0from Commit-and-Open Protocols in\u00a0the\u00a0QROM"],"prefix":"10.1007","author":[{"given":"Jelle","family":"Don","sequence":"first","affiliation":[]},{"given":"Serge","family":"Fehr","sequence":"additional","affiliation":[]},{"given":"Christian","family":"Majenz","sequence":"additional","affiliation":[]},{"given":"Christian","family":"Schaffner","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2022,10,13]]},"reference":[{"key":"25_CR1","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"219","DOI":"10.1007\/978-3-319-76953-0_12","volume-title":"Topics in Cryptology \u2013 CT-RSA 2018","author":"J-P Aumasson","year":"2018","unstructured":"Aumasson, J.-P., Endignoux, G.: Improving stateless hash-based signatures. In: Smart, N.P. (ed.) CT-RSA 2018. LNCS, vol. 10808, pp. 219\u2013242. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-76953-0_12"},{"key":"25_CR2","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"41","DOI":"10.1007\/978-3-642-25385-0_3","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2011","author":"D Boneh","year":"2011","unstructured":"Boneh, D., Dagdelen, \u00d6., Fischlin, M., Lehmann, A., Schaffner, C., Zhandry, M.: Random oracles in a quantum world. In: Lee, D.H., Wang, X. (eds.) ASIACRYPT 2011. LNCS, vol. 7073, pp. 41\u201369. Springer, Heidelberg (2011). https:\/\/doi.org\/10.1007\/978-3-642-25385-0_3"},{"key":"25_CR3","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"266","DOI":"10.1007\/978-3-030-75245-3_11","volume-title":"Public-Key Cryptography \u2013 PKC 2021","author":"C Baum","year":"2021","unstructured":"Baum, C., de Saint Guilhem, C.D., Kales, D., Orsini, E., Scholl, P., Zaverucha, G.: Banquet: short and fast signatures from AES. In: Garay, J.A. (ed.) PKC 2021. LNCS, vol. 12710, pp. 266\u2013297. Springer, Cham (2021). https:\/\/doi.org\/10.1007\/978-3-030-75245-3_11"},{"key":"25_CR4","unstructured":"Blocki, J., Lee, S., Zhou, S.: On the security of proofs of sequential work in a post-quantum world (2021)"},{"key":"25_CR5","doi-asserted-by":"crossref","unstructured":"Chase, M., et al.: Post-quantum zero-knowledge and signatures from symmetric-key primitives. In: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, CCS 2017, pp. 1825\u20131842. ACM, New York (2017)","DOI":"10.1145\/3133956.3133997"},{"key":"25_CR6","unstructured":"Chase, M., et al.: The picnic signature scheme. In: Submission to NIST Post-Quantum Cryptography project (2019)"},{"key":"25_CR7","unstructured":"Chase, M., et al.: Picnic (2019). https:\/\/www.microsoft.com\/en-us\/research\/project\/picnic\/, Accessed 9 Apr 2019"},{"key":"25_CR8","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"598","DOI":"10.1007\/978-3-030-77886-6_21","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2021","author":"K-M Chung","year":"2021","unstructured":"Chung, K.-M., Fehr, S., Huang, Y.-H., Liao, T.-N.: On the compressed-oracle technique, and post-quantum security of proofs of sequential work. In: Canteaut, A., Standaert, F.-X. (eds.) EUROCRYPT 2021. LNCS, vol. 12697, pp. 598\u2013629. Springer, Cham (2021). https:\/\/doi.org\/10.1007\/978-3-030-77886-6_21"},{"key":"25_CR9","doi-asserted-by":"crossref","unstructured":"Chung, K.M., Guo, S., Liu, Q., Qian, L.: Tight quantum time-space tradeoffs for function inversion. In: 2020 IEEE 61st Annual Symposium on Foundations of Computer Science (FOCS), pp. 673\u2013684 (2020)","DOI":"10.1109\/FOCS46700.2020.00068"},{"key":"25_CR10","unstructured":"Chailloux, A.: Tight quantum security of the Fiat-Shamir transform for commit-and-open identification schemes with applications to post-quantum signature schemes. Cryptology ePrint Archive, Report 2019\/699, version 1 July 2019 (2019). https:\/\/eprint.iacr.org\/2019\/699\/20190701:091436"},{"key":"25_CR11","unstructured":"Chailloux, A.: Tight quantum security of the Fiat-Shamir transform for commit-and-open identification schemes with applications to post-quantum signature schemes. Cryptology ePrint Archive, Report 2019\/699, version 16 March 2021 (2021). https:\/\/eprint.iacr.org\/2019\/699\/20210316:124850"},{"key":"25_CR12","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-030-36033-7_1","volume-title":"Theory of Cryptography","author":"A Chiesa","year":"2019","unstructured":"Chiesa, A., Manohar, P., Spooner, N.: Succinct arguments in the quantum random oracle model. In: Hofheinz, D., Rosen, A. (eds.) TCC 2019. LNCS, vol. 11892, pp. 1\u201329. Springer, Cham (2019). https:\/\/doi.org\/10.1007\/978-3-030-36033-7_1"},{"key":"25_CR13","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"602","DOI":"10.1007\/978-3-030-56877-1_21","volume-title":"Advances in Cryptology \u2013 CRYPTO 2020","author":"J Don","year":"2020","unstructured":"Don, J., Fehr, S., Majenz, C.: The measure-and-reprogram technique 2.0: multi-round fiat-shamir and more. In: Micciancio, D., Ristenpart, T. (eds.) CRYPTO 2020. LNCS, vol. 12172, pp. 602\u2013631. Springer, Cham (2020). https:\/\/doi.org\/10.1007\/978-3-030-56877-1_21"},{"key":"25_CR14","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"356","DOI":"10.1007\/978-3-030-26951-7_13","volume-title":"Advances in Cryptology \u2013 CRYPTO 2019","author":"J Don","year":"2019","unstructured":"Don, J., Fehr, S., Majenz, C., Schaffner, C.: Security of the fiat-shamir transformation in the quantum random-oracle model. In: Boldyreva, A., Micciancio, D. (eds.) CRYPTO 2019. LNCS, vol. 11693, pp. 356\u2013383. Springer, Cham (2019). https:\/\/doi.org\/10.1007\/978-3-030-26951-7_13"},{"key":"25_CR15","unstructured":"Don, J., Fehr, S., Majenz, C., Schaffner, C.: Online-extractability in the quantum random-oracle model. Cryptology ePrint Archive, Report 2021\/280 (2021). https:\/\/eprint.iacr.org\/2021\/280"},{"issue":"1","key":"25_CR16","doi-asserted-by":"publisher","first-page":"238","DOI":"10.46586\/tches.v2018.i1.238-268","volume":"2018","author":"L Ducas","year":"2018","unstructured":"Ducas, L., et al.: Crystals-dilithium: a lattice-based digital signature scheme. IACR Trans. Cryptographic Hardware Embed. Syst. 2018(1), 238\u2013268 (2018)","journal-title":"IACR Trans. Cryptographic Hardware Embed. Syst."},{"key":"25_CR17","unstructured":"Dobraunig, C., Kales, D., Rechberger, C., Schofnegger, M., Zaverucha, G.: Shorter signatures based on tailor-made minimalist symmetric-key crypto. Cryptology ePrint Archive, Report 2021\/692 (2021). https:\/\/ia.cr\/2021\/692"},{"key":"25_CR18","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"152","DOI":"10.1007\/11535218_10","volume-title":"Advances in Cryptology \u2013 CRYPTO 2005","author":"M Fischlin","year":"2005","unstructured":"Fischlin, M.: Communication-efficient non-interactive proofs of knowledge with online extractors. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 152\u2013168. Springer, Heidelberg (2005). https:\/\/doi.org\/10.1007\/11535218_10"},{"key":"25_CR19","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"186","DOI":"10.1007\/3-540-47721-7_12","volume-title":"Advances in Cryptology \u2014 CRYPTO\u2019 86","author":"A Fiat","year":"1987","unstructured":"Fiat, A., Shamir, A.: How to prove yourself: practical solutions to identification and signature problems. In: Odlyzko, A.M. (ed.) CRYPTO 1986. LNCS, vol. 263, pp. 186\u2013194. Springer, Heidelberg (1987). https:\/\/doi.org\/10.1007\/3-540-47721-7_12"},{"key":"25_CR20","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"637","DOI":"10.1007\/978-3-030-92062-3_22","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2021","author":"AB Grilo","year":"2021","unstructured":"Grilo, A.B., H\u00f6velmanns, K., H\u00fclsing, A., Majenz, C.: Tight adaptive reprogramming in\u00a0the\u00a0QROM. In: Tibouchi, M., Wang, H. (eds.) ASIACRYPT 2021. LNCS, vol. 13090, pp. 637\u2013667. Springer, Cham (2021). https:\/\/doi.org\/10.1007\/978-3-030-92062-3_22"},{"key":"25_CR21","unstructured":"Hamoudi, Y., Magniez, F.: Quantum time-space tradeoff for finding multiple collision pairs. In: Hsieh, M.-H. (ed.) 16th Conference on the Theory of Quantum Computation, Communication and Cryptography (TQC 2021), vol. 197 of Leibniz International Proceedings in Informatics (LIPIcs), pp. 1:1\u20131:21. Schloss Dagstuhl - Leibniz-Zentrum f\u00fcr Informatik, Dagstuhl (2021)"},{"key":"25_CR22","doi-asserted-by":"crossref","unstructured":"Ishai, Y., Kushilevitz, E., Ostrovsky, R., Sahai, A.: Zero-knowledge from secure multiparty computation. In: Proceedings of the Thirty-Ninth Annual ACM Symposium on Theory of Computing, STOC 2007, pp. 21\u201330. Association for Computing Machinery, New York (2007)","DOI":"10.1145\/1250790.1250794"},{"key":"25_CR23","doi-asserted-by":"crossref","unstructured":"Katz, J., Kolesnikov, V., Wang, X.: Improved non-interactive zero knowledge with applications to post-quantum signatures. In: Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, CCS 2018, pp. 525\u2013537. Association for Computing Machinery, New York (2018)","DOI":"10.1145\/3243734.3243805"},{"key":"25_CR24","doi-asserted-by":"crossref","unstructured":"Kales, D., Zaverucha, G.: Improving the performance of the picnic signature scheme. IACR Trans. Cryptographic Hardware Embed. Syst., 154\u2013188 (2020)","DOI":"10.46586\/tches.v2020.i4.154-188"},{"key":"25_CR25","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"189","DOI":"10.1007\/978-3-030-17659-4_7","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2019","author":"Q Liu","year":"2019","unstructured":"Liu, Q., Zhandry, M.: On finding quantum multi-collisions. In: Ishai, Y., Rijmen, V. (eds.) EUROCRYPT 2019. LNCS, vol. 11478, pp. 189\u2013218. Springer, Cham (2019). https:\/\/doi.org\/10.1007\/978-3-030-17659-4_7"},{"key":"25_CR26","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"326","DOI":"10.1007\/978-3-030-26951-7_12","volume-title":"Advances in Cryptology \u2013 CRYPTO 2019","author":"Q Liu","year":"2019","unstructured":"Liu, Q., Zhandry, M.: Revisiting post-quantum fiat-shamir. In: Boldyreva, A., Micciancio, D. (eds.) CRYPTO 2019. LNCS, vol. 11693, pp. 326\u2013355. Springer, Cham (2019). https:\/\/doi.org\/10.1007\/978-3-030-26951-7_12"},{"key":"25_CR27","unstructured":"Nist post-quantum cryptography standardization. https:\/\/csrc.nist.gov\/projects\/post-quantum-cryptography\/round-1-submissions"},{"key":"25_CR28","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"135","DOI":"10.1007\/978-3-642-29011-4_10","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2012","author":"D Unruh","year":"2012","unstructured":"Unruh, D.: Quantum proofs of knowledge. In: Pointcheval, D., Johansson, T. (eds.) EUROCRYPT 2012. LNCS, vol. 7237, pp. 135\u2013152. Springer, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-29011-4_10"},{"key":"25_CR29","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"755","DOI":"10.1007\/978-3-662-46803-6_25","volume-title":"Advances in Cryptology - EUROCRYPT 2015","author":"D Unruh","year":"2015","unstructured":"Unruh, D.: Non-interactive zero-knowledge proofs in the quantum random oracle model. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9057, pp. 755\u2013784. Springer, Heidelberg (2015). https:\/\/doi.org\/10.1007\/978-3-662-46803-6_25"},{"key":"25_CR30","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"239","DOI":"10.1007\/978-3-030-26951-7_9","volume-title":"Advances in Cryptology \u2013 CRYPTO 2019","author":"M Zhandry","year":"2019","unstructured":"Zhandry, M.: How to record quantum queries, and applications to quantum indifferentiability. In: Boldyreva, A., Micciancio, D. (eds.) CRYPTO 2019. LNCS, vol. 11693, pp. 239\u2013268. Springer, Cham (2019). https:\/\/doi.org\/10.1007\/978-3-030-26951-7_9"}],"container-title":["Lecture Notes in Computer Science","Advances in Cryptology \u2013 CRYPTO 2022"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-15979-4_25","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,11]],"date-time":"2025-10-11T22:03:31Z","timestamp":1760220211000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-15979-4_25"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022]]},"ISBN":["9783031159787","9783031159794"],"references-count":30,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-15979-4_25","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2022]]},"assertion":[{"value":"13 October 2022","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"CRYPTO","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Annual International Cryptology Conference","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Santa Barbara, CA","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"USA","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2022","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"15 August 2022","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"18 August 2022","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"42","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"crypto2022","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/crypto.iacr.org\/2022\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}