{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,11]],"date-time":"2026-04-11T09:34:50Z","timestamp":1775900090358,"version":"3.50.1"},"publisher-location":"Cham","reference-count":57,"publisher":"Springer Nature Switzerland","isbn-type":[{"value":"9783031385445","type":"print"},{"value":"9783031385452","type":"electronic"}],"license":[{"start":{"date-parts":[[2023,1,1]],"date-time":"2023-01-01T00:00:00Z","timestamp":1672531200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2023,1,1]],"date-time":"2023-01-01T00:00:00Z","timestamp":1672531200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2023]]},"DOI":"10.1007\/978-3-031-38545-2_13","type":"book-chapter","created":{"date-parts":[[2023,8,8]],"date-time":"2023-08-08T19:02:27Z","timestamp":1691521347000},"page":"384-417","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":23,"title":["A Framework for\u00a0Practical Anonymous Credentials from\u00a0Lattices"],"prefix":"10.1007","author":[{"given":"Jonathan","family":"Bootle","sequence":"first","affiliation":[]},{"given":"Vadim","family":"Lyubashevsky","sequence":"additional","affiliation":[]},{"given":"Ngoc Khanh","family":"Nguyen","sequence":"additional","affiliation":[]},{"given":"Alessandro","family":"Sorniotti","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2023,8,9]]},"reference":[{"key":"13_CR1","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"98","DOI":"10.1007\/978-3-642-14623-7_6","volume-title":"Advances in Cryptology \u2013 CRYPTO 2010","author":"S Agrawal","year":"2010","unstructured":"Agrawal, S., Boneh, D., Boyen, X.: Lattice basis delegation in fixed dimension and shorter-ciphertext hierarchical IBE. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 98\u2013115. Springer, Heidelberg (2010). https:\/\/doi.org\/10.1007\/978-3-642-14623-7_6"},{"key":"13_CR2","doi-asserted-by":"crossref","unstructured":"Agrawal, S., Stehl\u00e9, D., Yadav, A.: Towards practical and round-optimal lattice-based threshold and blind signatures. IACR Cryptol. ePrint Arch., p. 381 (2021)","DOI":"10.1145\/3548606.3560650"},{"key":"13_CR3","doi-asserted-by":"crossref","unstructured":"Agrawal, S., Kirshanova, E., Stehl\u00e9, D., Yadav, A.: Practical, round-optimal lattice-based blind signatures (2022)","DOI":"10.1145\/3548606.3560650"},{"key":"13_CR4","doi-asserted-by":"crossref","unstructured":"Ajtai, M.: Generating hard instances of lattice problems (extended abstract). In: STOC, pp. 99\u2013108 (1996)","DOI":"10.1145\/237814.237838"},{"key":"13_CR5","doi-asserted-by":"publisher","unstructured":"Albrecht, M.R., Cini, V., Lai, R.W.F., Malavolta, G., Thyagarajan, S.A.: Lattice-based SNARKs: publicly verifiable, preprocessing, and recursively composable. In: Dodis, Y., Shrimpton, T. (eds) CRYPTO 2022. LNCS, vol. 13508. Springer, Cham (2022). https:\/\/doi.org\/10.1007\/978-3-031-15979-4_4","DOI":"10.1007\/978-3-031-15979-4_4"},{"key":"13_CR6","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"470","DOI":"10.1007\/978-3-030-56880-1_17","volume-title":"Advances in Cryptology \u2013 CRYPTO 2020","author":"T Attema","year":"2020","unstructured":"Attema, T., Lyubashevsky, V., Seiler, G.: Practical product proofs for lattice commitments. In: Micciancio, D., Ristenpart, T. (eds.) CRYPTO 2020. LNCS, vol. 12171, pp. 470\u2013499. Springer, Cham (2020). https:\/\/doi.org\/10.1007\/978-3-030-56880-1_17"},{"key":"13_CR7","doi-asserted-by":"publisher","unstructured":"Banaszczyk, W.: New bounds in some transference theorems in the geometry of numbers. Mathematische Annalen 296(1): 625\u2013635 (1993). ISSN 1432\u20131807. https:\/\/doi.org\/10.1007\/BF01445125. https:\/\/doi.org\/10.1007\/BF01445125","DOI":"10.1007\/BF01445125"},{"key":"13_CR8","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"614","DOI":"10.1007\/3-540-39200-9_38","volume-title":"Advances in Cryptology \u2014 EUROCRYPT 2003","author":"M Bellare","year":"2003","unstructured":"Bellare, M., Micciancio, D., Warinschi, B.: Foundations of group signatures: formal definitions, simplified requirements, and a construction based on general assumptions. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 614\u2013629. Springer, Heidelberg (2003). https:\/\/doi.org\/10.1007\/3-540-39200-9_38"},{"key":"13_CR9","doi-asserted-by":"crossref","unstructured":"Beullens, W., Seiler, G.: Labrador: compact proofs for R1CS from module-sis. IACR Cryptol. ePrint Arch., p. 1341 (2022)","DOI":"10.1007\/978-3-031-38554-4_17"},{"key":"13_CR10","doi-asserted-by":"crossref","unstructured":"Beullens, W., Lyubashevsky, V., Nguyen, N.K., Seiler, G.: Lattice-based blind signatures: Short, efficient, and round-optimal. Cryptology ePrint Archive, Paper 2023\/077 (2023). https:\/\/eprint.iacr.org\/2023\/077. https:\/\/eprint.iacr.org\/2023\/077","DOI":"10.1145\/3576915.3616613"},{"key":"13_CR11","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"176","DOI":"10.1007\/978-3-030-26948-7_7","volume-title":"Advances in Cryptology \u2013 CRYPTO 2019","author":"J Bootle","year":"2019","unstructured":"Bootle, J., Lyubashevsky, V., Seiler, G.: Algebraic techniques for short(er) exact lattice-based zero-knowledge proofs. In: Boldyreva, A., Micciancio, D. (eds.) CRYPTO 2019. LNCS, vol. 11692, pp. 176\u2013202. Springer, Cham (2019). https:\/\/doi.org\/10.1007\/978-3-030-26948-7_7"},{"key":"13_CR12","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"494","DOI":"10.1007\/978-3-030-03326-2_17","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2018","author":"J Bootle","year":"2018","unstructured":"Bootle, J., Delaplace, C., Espitau, T., Fouque, P.-A., Tibouchi, M.: LWE without modular reduction and improved side-channel attacks against BLISS. In: Peyrin, T., Galbraith, S. (eds.) ASIACRYPT 2018. LNCS, vol. 11272, pp. 494\u2013524. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-030-03326-2_17"},{"key":"13_CR13","doi-asserted-by":"crossref","unstructured":"Bos, J.W., et al.: CRYSTALS - kyber: a cca-secure module-lattice-based KEM. In: 2018 IEEE European Symposium on Security and Privacy, EuroS &P, pp. 353\u2013367 (2018)","DOI":"10.1109\/EuroSP.2018.00032"},{"key":"13_CR14","unstructured":"Boschini, C., Takahashi, A., Tibouchi, M.: Musig-l: Lattice-based multi-signature with single-round online phase. Cryptology ePrint Archive, Paper 2022\/1036 (2022). https:\/\/eprint.iacr.org\/2022\/1036. https:\/\/eprint.iacr.org\/2022\/1036"},{"key":"13_CR15","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"289","DOI":"10.1007\/978-3-030-64834-3_10","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2020","author":"K Boudgoust","year":"2020","unstructured":"Boudgoust, K., Jeudy, C., Roux-Langlois, A., Wen, W.: Towards classical hardness of\u00a0module-LWE: the linear rank case. In: Moriai, S., Wang, H. (eds.) ASIACRYPT 2020. LNCS, vol. 12492, pp. 289\u2013317. Springer, Cham (2020). https:\/\/doi.org\/10.1007\/978-3-030-64834-3_10"},{"key":"13_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-319-45572-3_1","volume-title":"Trust and Trustworthy Computing","author":"J Camenisch","year":"2016","unstructured":"Camenisch, J., Drijvers, M., Lehmann, A.: Anonymous attestation using the strong Diffie Hellman assumption revisited. In: Franz, M., Papadimitratos, P. (eds.) Trust 2016. LNCS, vol. 9824, pp. 1\u201320. Springer, Cham (2016). https:\/\/doi.org\/10.1007\/978-3-319-45572-3_1"},{"key":"13_CR17","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"268","DOI":"10.1007\/3-540-36413-7_20","volume-title":"Security in Communication Networks","author":"J Camenisch","year":"2003","unstructured":"Camenisch, J., Lysyanskaya, A.: A signature scheme with efficient protocols. In: Cimato, S., Persiano, G., Galdi, C. (eds.) SCN 2002. LNCS, vol. 2576, pp. 268\u2013289. Springer, Heidelberg (2003). https:\/\/doi.org\/10.1007\/3-540-36413-7_20"},{"key":"13_CR18","doi-asserted-by":"publisher","unstructured":"Chaum, D.: Security without identification: transaction systems to make big brother obsolete. Commun. ACM 28(10), 1030\u20131044 (1985). https:\/\/doi.org\/10.1145\/4372.4373. https:\/\/doi.org\/10.1145\/4372.4373","DOI":"10.1145\/4372.4373"},{"key":"13_CR19","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"232","DOI":"10.1007\/BFb0032362","volume-title":"Cryptography: Policy and Algorithms","author":"L Chen","year":"1996","unstructured":"Chen, L.: Access with pseudonyms. In: Dawson, E., Goli\u0107, J. (eds.) CPA 1995. LNCS, vol. 1029, pp. 232\u2013243. Springer, Heidelberg (1996). https:\/\/doi.org\/10.1007\/BFb0032362"},{"key":"13_CR20","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"328","DOI":"10.1007\/0-387-34799-2_26","volume-title":"Advances in Cryptology \u2014 CRYPTO\u2019 88","author":"IB Damg\u00e5rd","year":"1990","unstructured":"Damg\u00e5rd, I.B.: Payment systems and credential mechanisms with provable security against abuse by individuals. In: Goldwasser, S. (ed.) CRYPTO 1988. LNCS, vol. 403, pp. 328\u2013335. Springer, New York (1990). https:\/\/doi.org\/10.1007\/0-387-34799-2_26"},{"key":"13_CR21","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"22","DOI":"10.1007\/978-3-662-45608-8_2","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2014","author":"L Ducas","year":"2014","unstructured":"Ducas, L., Lyubashevsky, V., Prest, T.: Efficient identity-based encryption over NTRU lattices. In: Sarkar, P., Iwata, T. (eds.) ASIACRYPT 2014. LNCS, vol. 8874, pp. 22\u201341. Springer, Heidelberg (2014). https:\/\/doi.org\/10.1007\/978-3-662-45608-8_2"},{"key":"13_CR22","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"433","DOI":"10.1007\/978-3-642-34961-4_27","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2012","author":"L Ducas","year":"2012","unstructured":"Ducas, L., Nguyen, P.Q.: Learning a zonotope and more: cryptanalysis of NTRUSign countermeasures. In: Wang, X., Sako, K. (eds.) ASIACRYPT 2012. LNCS, vol. 7658, pp. 433\u2013450. Springer, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-34961-4_27"},{"issue":"1","key":"13_CR23","doi-asserted-by":"publisher","first-page":"238","DOI":"10.46586\/tches.v2018.i1.238-268","volume":"2018","author":"L Ducas","year":"2018","unstructured":"Ducas, L., Kiltz, E., Lepoint, T., Lyubashevsky, V., Schwabe, P., Seiler, G., Stehl\u00e9, D.: Crystals-dilithium: a lattice-based digital signature scheme. IACR Trans. Cryptogr. Hardw. Embed. Syst. 2018(1), 238\u2013268 (2018)","journal-title":"IACR Trans. Cryptogr. Hardw. Embed. Syst."},{"key":"13_CR24","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"259","DOI":"10.1007\/978-3-030-64834-3_9","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2020","author":"MF Esgin","year":"2020","unstructured":"Esgin, M.F., Nguyen, N.K., Seiler, G.: Practical Exact Proofs from Lattices: New Techniques to Exploit Fully-Splitting Rings. In: Moriai, S., Wang, H. (eds.) ASIACRYPT 2020. LNCS, vol. 12492, pp. 259\u2013288. Springer, Cham (2020). https:\/\/doi.org\/10.1007\/978-3-030-64834-3_9"},{"key":"13_CR25","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"115","DOI":"10.1007\/978-3-030-26948-7_5","volume-title":"Advances in Cryptology \u2013 CRYPTO 2019","author":"MF Esgin","year":"2019","unstructured":"Esgin, M.F., Steinfeld, R., Liu, J.K., Liu, D.: Lattice-Based Zero-Knowledge Proofs: New Techniques for Shorter and Faster Constructions and Applications. In: Boldyreva, A., Micciancio, D. (eds.) CRYPTO 2019. LNCS, vol. 11692, pp. 115\u2013146. Springer, Cham (2019). https:\/\/doi.org\/10.1007\/978-3-030-26948-7_5"},{"key":"13_CR26","doi-asserted-by":"crossref","unstructured":"Esgin, M.F., Zhao, R.K., Steinfeld, R., Liu, J.K., Liu, D.: Matrict: Efficient, scalable and post-quantum blockchain confidential transactions protocol. In: CCS, pp. 567\u2013584. ACM (2019)","DOI":"10.1145\/3319535.3354200"},{"key":"13_CR27","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"60","DOI":"10.1007\/11818175_4","volume-title":"Advances in Cryptology - CRYPTO 2006","author":"M Fischlin","year":"2006","unstructured":"Fischlin, M.: Round-Optimal Composable Blind Signatures in the Common Reference String Model. In: Dwork, C. (ed.) CRYPTO 2006. LNCS, vol. 4117, pp. 60\u201377. Springer, Heidelberg (2006). https:\/\/doi.org\/10.1007\/11818175_4"},{"key":"13_CR28","doi-asserted-by":"crossref","unstructured":"Gentry, C., Peikert, C., Vaikuntanathan, V.: Trapdoors for hard lattices and new cryptographic constructions. In: STOC, pp. 197\u2013206 (2008)","DOI":"10.1145\/1374376.1374407"},{"key":"13_CR29","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"3","DOI":"10.1007\/978-3-662-54365-8_1","volume-title":"Public-Key Cryptography \u2013 PKC 2017","author":"G Herold","year":"2017","unstructured":"Herold, G., May, A.: LP solutions of vectorial integer subset sums \u2013 cryptanalysis of galbraith\u2019s binary matrix LWE. In: Fehr, S. (ed.) PKC 2017. LNCS, vol. 10174, pp. 3\u201315. Springer, Heidelberg (2017). https:\/\/doi.org\/10.1007\/978-3-662-54365-8_1"},{"key":"13_CR30","unstructured":"Hyperledger Foundation. Hyperledger Aries. https:\/\/www.hyperledger.org\/use\/aries. Accessed 06 Oct 2022"},{"key":"13_CR31","unstructured":"Hyperledger Foundation. Hyperledger Indy. https:\/\/www.hyperledger.org\/use\/hyperledger-indy. Accessed 06 Oct 2022"},{"key":"13_CR32","unstructured":"Jeudy, C., Roux-Langlois, A., Sanders, O.: Lattice signature with efficient protocols, application to anonymous credentials. Cryptology ePrint Archive, Paper 2022\/509 (2022). https:\/\/eprint.iacr.org\/2022\/509"},{"key":"13_CR33","unstructured":"Lai, Q., Liu, F.-H., Lysyanskaya, A., Wang, Z.: Lattice-based commit-transferrable signatures and applications to anonymous credentials. Cryptology ePrint Archive, Paper 2023\/766, (2023). https:\/\/eprint.iacr.org\/2023\/766"},{"issue":"3","key":"13_CR34","doi-asserted-by":"publisher","first-page":"565","DOI":"10.1007\/s10623-014-9938-4","volume":"75","author":"A Langlois","year":"2015","unstructured":"Langlois, A., Stehl\u00e9, D.: Worst-case to average-case reductions for module lattices. Des. Codes Crypt. 75(3), 565\u2013599 (2015)","journal-title":"Des. Codes Crypt."},{"key":"13_CR35","unstructured":"Looker, T., Kalos, V., Whitehead, A., Lodder, M.: The BBS Signature Scheme (2022). https:\/\/www.ietf.org\/id\/draft-looker-cfrg-bbs-signatures-01.html. Accessed 06 Oct 2022"},{"key":"13_CR36","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"184","DOI":"10.1007\/3-540-46513-8_14","volume-title":"Selected Areas in Cryptography","author":"A Lysyanskaya","year":"2000","unstructured":"Lysyanskaya, A., Rivest, R.L., Sahai, A., Wolf, S.: Pseudonym Systems. In: Heys, H., Adams, C. (eds.) SAC 1999. LNCS, vol. 1758, pp. 184\u2013199. Springer, Heidelberg (2000). https:\/\/doi.org\/10.1007\/3-540-46513-8_14"},{"key":"13_CR37","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"598","DOI":"10.1007\/978-3-642-10366-7_35","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2009","author":"V Lyubashevsky","year":"2009","unstructured":"Lyubashevsky, V.: Fiat-Shamir with aborts: applications to lattice and factoring-based signatures. In: Matsui, M. (ed.) ASIACRYPT 2009. LNCS, vol. 5912, pp. 598\u2013616. Springer, Heidelberg (2009). https:\/\/doi.org\/10.1007\/978-3-642-10366-7_35"},{"key":"13_CR38","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"738","DOI":"10.1007\/978-3-642-29011-4_43","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2012","author":"V Lyubashevsky","year":"2012","unstructured":"Lyubashevsky, V.: Lattice signatures without trapdoors. In: Pointcheval, D., Johansson, T. (eds.) EUROCRYPT 2012. LNCS, vol. 7237, pp. 738\u2013755. Springer, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-29011-4_43"},{"key":"13_CR39","unstructured":"Lyubashevsky, V., Micciancio, D.: Asymptotically efficient lattice-based digital signatures. Cryptology ePrint Archive, Paper 2013\/746 (2013). https:\/\/eprint.iacr.org\/2013\/746"},{"key":"13_CR40","doi-asserted-by":"crossref","unstructured":"Lyubashevsky, V., Micciancio, D.: Asymptotically efficient lattice-based digital signatures. J. Cryptol., 31(3), 774\u2013797 (2018). https:\/\/eprint.iacr.org\/2013\/746. Preliminary version appeared in TCC 2008","DOI":"10.1007\/s00145-017-9270-z"},{"key":"13_CR41","unstructured":"Lyubashevsky, V., Nguyen, N.K.: Bloom: bimodal lattice one-out-of-many proofs and applications. Cryptology ePrint Archive, Paper 2022\/1307 (2022). https:\/\/eprint.iacr.org\/2022\/1307"},{"key":"13_CR42","doi-asserted-by":"crossref","unstructured":"Lyubashevsky, V., Nguyen, N.K., Plan\u00e7on, M.: Lattice-based zero-knowledge proofs and applications: shorter, simpler, and more general. IACR Cryptol. ePrint Arch., p. 284 (2022). Appears in Crypto 2022","DOI":"10.1007\/978-3-031-15979-4_3"},{"key":"13_CR43","doi-asserted-by":"publisher","unstructured":"Lyubashevsky, V., Nguyen, N.K., PlanM.: Lattice-based zero-knowledge proofs and applications: shorter, simpler, and more general. In: Dodis, Y., Shrimpton, T. (eds) CRYPTO 2022. LNCS, vol. 13508, pp. 71\u2013101. Springer, Cham (2022). https:\/\/doi.org\/10.1007\/978-3-031-15979-4_3","DOI":"10.1007\/978-3-031-15979-4_3"},{"key":"13_CR44","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"611","DOI":"10.1007\/978-3-030-84245-1_21","volume-title":"Advances in Cryptology \u2013 CRYPTO 2021","author":"V Lyubashevsky","year":"2021","unstructured":"Lyubashevsky, V., Nguyen, N.K., Seiler, G.: SMILE: set membership from ideal lattices with applications to ring signatures and confidential transactions. In: Malkin, T., Peikert, C. (eds.) CRYPTO 2021. LNCS, vol. 12826, pp. 611\u2013640. Springer, Cham (2021). https:\/\/doi.org\/10.1007\/978-3-030-84245-1_21"},{"key":"13_CR45","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"218","DOI":"10.1007\/978-3-030-92068-5_8","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2021","author":"V Lyubashevsky","year":"2021","unstructured":"Lyubashevsky, V., Nguyen, N.K., Plancon, M., Seiler, G.: Shorter lattice-based group signatures via\u00a0\u201cAlmost Free\u2019\u2019 encryption and\u00a0other optimizations. In: Tibouchi, M., Wang, H. (eds.) ASIACRYPT 2021. LNCS, vol. 13093, pp. 218\u2013248. Springer, Cham (2021). https:\/\/doi.org\/10.1007\/978-3-030-92068-5_8"},{"key":"13_CR46","unstructured":"MATTR. MATTR. https:\/\/github.com\/mattrglobal. Accessed 06 Oct 2022"},{"key":"13_CR47","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"700","DOI":"10.1007\/978-3-642-29011-4_41","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2012","author":"D Micciancio","year":"2012","unstructured":"Micciancio, D., Peikert, C.: Trapdoors for lattices: simpler, tighter, faster, smaller. In: Pointcheval, D., Johansson, T. (eds.) EUROCRYPT 2012. LNCS, vol. 7237, pp. 700\u2013718. Springer, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-29011-4_41"},{"issue":"1","key":"13_CR48","doi-asserted-by":"publisher","first-page":"267","DOI":"10.1137\/S0097539705447360","volume":"37","author":"D Micciancio","year":"2007","unstructured":"Micciancio, D., Regev, O.: Worst-case to average-case reductions based on gaussian measures. SIAM J. Comput. 37(1), 267\u2013302 (2007)","journal-title":"SIAM J. Comput."},{"key":"13_CR49","unstructured":"NFCW. Digital identity market revenues to reach US\\$53bn in 2026 (2022). https:\/\/www.nfcw.com\/2022\/01\/31\/375825\/digital-identity-market-revenues-to-reach-us53bn-in-2026\/. Accessed 06 Oct 2022"},{"key":"13_CR50","unstructured":"del Pino, R., Katsumata, S.: A new framework for more efficient round-optimal lattice-based (partially) blind signature via trapdoor sampling. Cryptology ePrint Archive, Paper 2022\/834 (2022). https:\/\/eprint.iacr.org\/2022\/834. https:\/\/eprint.iacr.org\/2022\/834"},{"key":"13_CR51","doi-asserted-by":"crossref","unstructured":"del Pino, R., Lyubashevsky, V., Seiler, G.: Lattice-based group signatures and zero-knowledge proofs of automorphism stability. In: ACM Conference on Computer and Communications Security, pp. 574\u2013591. ACM (2018)","DOI":"10.1145\/3243734.3243852"},{"key":"13_CR52","unstructured":"Prest, T., et al.: FALCON. Technical report, National Institute of Standards and Technology (2017). https:\/\/csrc.nist.gov\/projects\/post-quantum-cryptography\/ round-1-submissions"},{"key":"13_CR53","doi-asserted-by":"crossref","unstructured":"Regev, O.: On lattices, learning with errors, random linear codes, and cryptography. J. ACM 56(6) (2009)","DOI":"10.1145\/1568318.1568324"},{"key":"13_CR54","unstructured":"The AnonCreds Specification Working Group. The AnonCreds Specification. https:\/\/github.com\/AnonCreds-WG\/anoncreds-spec (2022). Accessed 06 Oct 2022"},{"key":"13_CR55","unstructured":"Veramo. Veramo core development. https:\/\/github.com\/uport-project. Accessed 06 Oct 2022"},{"key":"13_CR56","unstructured":"Wee, H., Wu, D.J.: Succinct vector, polynomial, and functional commitments from lattices. Cryptology ePrint Archive, Paper 2022\/1515 (2022). https:\/\/eprint.iacr.org\/2022\/1515. https:\/\/eprint.iacr.org\/2022\/1515"},{"key":"13_CR57","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"147","DOI":"10.1007\/978-3-030-26948-7_6","volume-title":"Advances in Cryptology \u2013 CRYPTO 2019","author":"R Yang","year":"2019","unstructured":"Yang, R., Au, M.H., Zhang, Z., Xu, Q., Yu, Z., Whyte, W.: Efficient lattice-based zero-knowledge arguments with standard soundness: construction and applications. In: Boldyreva, A., Micciancio, D. (eds.) CRYPTO 2019. LNCS, vol. 11692, pp. 147\u2013175. Springer, Cham (2019). https:\/\/doi.org\/10.1007\/978-3-030-26948-7_6"}],"container-title":["Lecture Notes in Computer Science","Advances in Cryptology \u2013 CRYPTO 2023"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-38545-2_13","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,7,26]],"date-time":"2025-07-26T22:02:51Z","timestamp":1753567371000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-38545-2_13"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023]]},"ISBN":["9783031385445","9783031385452"],"references-count":57,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-38545-2_13","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2023]]},"assertion":[{"value":"9 August 2023","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"CRYPTO","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Annual International Cryptology Conference","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Santa Barbara, CA","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"USA","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2023","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"20 August 2023","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"24 August 2023","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"43","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"crypto2023","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/crypto.iacr.org\/2023\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"HotCRP","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"479","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"124","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"26% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"15","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}