{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,7]],"date-time":"2026-03-07T10:14:41Z","timestamp":1772878481372,"version":"3.50.1"},"publisher-location":"Cham","reference-count":57,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783319968803","type":"print"},{"value":"9783319968810","type":"electronic"}],"license":[{"start":{"date-parts":[[2018,1,1]],"date-time":"2018-01-01T00:00:00Z","timestamp":1514764800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2018,1,1]],"date-time":"2018-01-01T00:00:00Z","timestamp":1514764800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2018]]},"DOI":"10.1007\/978-3-319-96881-0_23","type":"book-chapter","created":{"date-parts":[[2018,7,23]],"date-time":"2018-07-23T19:54:39Z","timestamp":1532375679000},"page":"669-699","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":68,"title":["Sub-linear Lattice-Based Zero-Knowledge Arguments for Arithmetic Circuits"],"prefix":"10.1007","author":[{"given":"Carsten","family":"Baum","sequence":"first","affiliation":[]},{"given":"Jonathan","family":"Bootle","sequence":"additional","affiliation":[]},{"given":"Andrea","family":"Cerulli","sequence":"additional","affiliation":[]},{"given":"Rafael","family":"del Pino","sequence":"additional","affiliation":[]},{"given":"Jens","family":"Groth","sequence":"additional","affiliation":[]},{"given":"Vadim","family":"Lyubashevsky","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2018,7,24]]},"reference":[{"key":"23_CR1","doi-asserted-by":"crossref","unstructured":"Ames, S., Hazay, C., Ishai, Y., Venkitasubramaniam, M.: Ligero: lightweight sublinear arguments without a trusted setup. In: Thuraisingham et al. [TEMX17], pp. 2087\u20132104","DOI":"10.1145\/3133956.3134104"},{"key":"23_CR2","doi-asserted-by":"crossref","unstructured":"Ajtai, M.: Generating hard instances of lattice problems (extended abstract). In: 28th ACM STOC, pp. 99\u2013108. ACM Press, May 1996","DOI":"10.1145\/237814.237838"},{"key":"23_CR3","doi-asserted-by":"publisher","first-page":"625","DOI":"10.1007\/BF01445125","volume":"296","author":"W Banaszczyk","year":"1993","unstructured":"Banaszczyk, W.: New bounds in some transference theorems in the geometry of numbers. Mathematische Annalen 296, 625\u2013635 (1993)","journal-title":"Mathematische Annalen"},{"key":"23_CR4","unstructured":"Bunz, B., Bootle, J., Boneh, D., Poelstra, A., Maxwell, G.: Bulletproofs: short proofs for confidential transactions and more. Cryptology ePrint Archive, Report 2017\/1066 (2017). https:\/\/eprint.iacr.org\/2017\/1066"},{"key":"23_CR5","doi-asserted-by":"publisher","first-page":"327","DOI":"10.1007\/978-3-662-49896-5_12","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2016","author":"Jonathan Bootle","year":"2016","unstructured":"Bootle, J., Cerulli, A., Chaidos, P., Groth, J., Petit, C.: Efficient zero-knowledge arguments for arithmetic circuits in the discrete log setting. In: Fischlin and Coron [FC16], pp. 327\u2013357"},{"key":"23_CR6","doi-asserted-by":"crossref","unstructured":"Bitansky, N., Canetti, R., Chiesa, A., Tromer, E.: From extractable collision resistance to succinct non-interactive arguments of knowledge, and back again. In: Goldwasser, S. (ed.) ITCS 2012, pp. 326\u2013349. ACM, January 2012","DOI":"10.1145\/2090236.2090263"},{"key":"23_CR7","doi-asserted-by":"crossref","unstructured":"Bitansky, N., Canetti, R., Chiesa, A., Tromer, E.: Recursive composition and bootstrapping for SNARKS and proof-carrying data. In: Boneh, D., Roughgarden, T., Feigenbaum, J. (eds.) 45th ACM STOC, pp. 111\u2013120. ACM Press, June 2013","DOI":"10.1145\/2488608.2488623"},{"key":"23_CR8","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"336","DOI":"10.1007\/978-3-319-70700-6_12","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2017","author":"J Bootle","year":"2017","unstructured":"Bootle, J., Cerulli, A., Ghadafi, E., Groth, J., Hajiabadi, M., Jakobsen, S.K.: Linear-time zero-knowledge proofs for arithmetic circuit satisfiability. In: Takagi, T., Peyrin, T. (eds.) ASIACRYPT 2017, Part III. LNCS, vol. 10626, pp. 336\u2013365. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-70700-6_12"},{"key":"23_CR9","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"551","DOI":"10.1007\/978-3-662-45611-8_29","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2014","author":"F Benhamouda","year":"2014","unstructured":"Benhamouda, F., Camenisch, J., Krenn, S., Lyubashevsky, V., Neven, G.: Better zero-knowledge proofs for lattice encryption and their application to group signatures. In: Sarkar, P., Iwata, T. (eds.) ASIACRYPT 2014, Part I. LNCS, vol. 8873, pp. 551\u2013572. Springer, Heidelberg (2014). https:\/\/doi.org\/10.1007\/978-3-662-45611-8_29"},{"key":"23_CR10","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"201","DOI":"10.1007\/978-3-642-11799-2_13","volume-title":"Theory of Cryptography","author":"R Bendlin","year":"2010","unstructured":"Bendlin, R., Damg\u00e5rd, I.: Threshold decryption and zero-knowledge proofs for lattice-based cryptosystems. In: Micciancio, D. (ed.) TCC 2010. LNCS, vol. 5978, pp. 201\u2013218. Springer, Heidelberg (2010). https:\/\/doi.org\/10.1007\/978-3-642-11799-2_13"},{"key":"23_CR11","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"478","DOI":"10.1007\/978-3-662-53015-3_17","volume-title":"Advances in Cryptology \u2013 CRYPTO 2016","author":"C Baum","year":"2016","unstructured":"Baum, C., Damg\u00e5rd, I., Larsen, K.G., Nielsen, M.: How to prove knowledge of small secrets. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016, Part III. LNCS, vol. 9816, pp. 478\u2013498. Springer, Heidelberg (2016). https:\/\/doi.org\/10.1007\/978-3-662-53015-3_17"},{"key":"23_CR12","unstructured":"Baum, C., Damg\u00e5rd, I., Oechsner, S., Peikert, C.: Efficient commitments and zero-knowledge protocols from ring-SIS with applications to lattice-based threshold cryptosystems. Cryptology ePrint Archive, Report 2016\/997 (2016). http:\/\/eprint.iacr.org\/2016\/997"},{"key":"23_CR13","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"28","DOI":"10.1007\/978-3-319-04852-9_2","volume-title":"Topics in Cryptology \u2013 CT-RSA 2014","author":"S Bai","year":"2014","unstructured":"Bai, S., Galbraith, S.D.: An improved compression technique for signatures based on learning with errors. In: Benaloh, J. (ed.) CT-RSA 2014. LNCS, vol. 8366, pp. 28\u201347. Springer, Cham (2014). https:\/\/doi.org\/10.1007\/978-3-319-04852-9_2"},{"key":"23_CR14","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"305","DOI":"10.1007\/978-3-319-24174-6_16","volume-title":"Computer Security \u2013 ESORICS 2015","author":"F Benhamouda","year":"2015","unstructured":"Benhamouda, F., Krenn, S., Lyubashevsky, V., Pietrzak, K.: Efficient zero-knowledge proofs for commitments from learning with errors over rings. In: Pernul, G., Ryan, P.Y.A., Weippl, E. (eds.) ESORICS 2015, Part I. LNCS, vol. 9326, pp. 305\u2013325. Springer, Cham (2015). https:\/\/doi.org\/10.1007\/978-3-319-24174-6_16"},{"key":"23_CR15","doi-asserted-by":"crossref","unstructured":"Cramer, R., Damg\u00e5rd, I.: Linear zero-knowledge - a note on efficient zero-knowledge proofs and arguments. In: 29th ACM STOC, pp. 436\u2013445. ACM Press, May 1997","DOI":"10.1145\/258533.258635"},{"key":"23_CR16","doi-asserted-by":"crossref","unstructured":"Chase, M., Derler, D., Goldfeder, S., Orlandi, C., Ramacher, S., Rechberger, C., Slamanig, D., Zaverucha, G.: Post-quantum zero-knowledge and signatures from symmetric-key primitives. In: Thuraisingham et al. [TEMX17], pp. 1825\u20131842","DOI":"10.1145\/3133956.3133997"},{"issue":"2","key":"23_CR17","doi-asserted-by":"publisher","first-page":"284","DOI":"10.1007\/s00145-013-9145-x","volume":"27","author":"R Cramer","year":"2014","unstructured":"Cramer, R., Damg\u00e5rd, I., Keller, M.: On the amortized complexity of zero-knowledge protocols. J. Cryptol. 27(2), 284\u2013316 (2014)","journal-title":"J. Cryptol."},{"key":"23_CR18","first-page":"479","volume-title":"Lecture Notes in Computer Science","author":"Ronald Cramer","year":"2017","unstructured":"Cramer, R., Damg\u00e5rd, I., Xing, C., Yuan, C.: Amortized complexity of zero-knowledge proofs revisited: achieving linear soundness slack. In: Coron and Nielsen [CN17], pp. 479\u2013500"},{"key":"23_CR19","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-56620-7","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2017","year":"2017","unstructured":"Coron, J.-S., Nielsen, J.B. (eds.): EUROCRYPT 2017, Part I. LNCS, vol. 10210. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-56620-7"},{"key":"23_CR20","unstructured":"Damg\u00e5rd, I.: On $$\\Sigma $$ -protocols (2010). http:\/\/www.cs.au.dk\/~ivan\/Sigma.pdf"},{"key":"23_CR21","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"40","DOI":"10.1007\/978-3-642-40041-4_3","volume-title":"Advances in Cryptology \u2013 CRYPTO 2013","author":"L Ducas","year":"2013","unstructured":"Ducas, L., Durmus, A., Lepoint, T., Lyubashevsky, V.: Lattice signatures and bimodal gaussians. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013, Part I. LNCS, vol. 8042, pp. 40\u201356. Springer, Heidelberg (2013). https:\/\/doi.org\/10.1007\/978-3-642-40041-4_3"},{"key":"23_CR22","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"38","DOI":"10.1007\/978-3-642-32928-9_3","volume-title":"Security and Cryptography for Networks","author":"I Damg\u00e5rd","year":"2012","unstructured":"Damg\u00e5rd, I., L\u00f3pez-Alt, A.: Zero-knowledge proofs with low amortized communication from lattice assumptions. In: Visconti, I., De Prisco, R. (eds.) SCN 2012. LNCS, vol. 7485, pp. 38\u201356. Springer, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-32928-9_3"},{"key":"23_CR23","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"365","DOI":"10.1007\/978-3-319-63697-9_13","volume-title":"Advances in Cryptology \u2013 CRYPTO 2017","author":"R del Pino","year":"2017","unstructured":"del Pino, R., Lyubashevsky, V.: Amortization with fewer equations for proving knowledge of small secrets. In: Katz, J., Shacham, H. (eds.) CRYPTO 2017, Part III. LNCS, vol. 10403, pp. 365\u2013394. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-63697-9_13"},{"key":"23_CR24","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-662-49896-5","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2016","year":"2016","unstructured":"Fischlin, M., Coron, J.-S. (eds.): EUROCRYPT 2016, Part II. LNCS, vol. 9666. Springer, Heidelberg (2016). https:\/\/doi.org\/10.1007\/978-3-662-49896-5"},{"key":"23_CR25","doi-asserted-by":"crossref","unstructured":"Goldreich, O., Goldwasser, S.: On the limits of non-approximability of lattice problems. In: 30th ACM STOC, pp. 1\u20139. ACM Press, May 1998","DOI":"10.1145\/276698.276704"},{"issue":"4","key":"23_CR26","doi-asserted-by":"publisher","first-page":"820","DOI":"10.1007\/s00145-014-9184-y","volume":"28","author":"C Gentry","year":"2015","unstructured":"Gentry, C., Groth, J., Ishai, Y., Peikert, C., Sahai, A., Smith, A.D.: Using fully homomorphic hybrid encryption to minimize non-interative zero-knowledge proofs. J. Cryptol. 28(4), 820\u2013843 (2015)","journal-title":"J. Cryptol."},{"key":"23_CR27","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"626","DOI":"10.1007\/978-3-642-38348-9_37","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2013","author":"R Gennaro","year":"2013","unstructured":"Gennaro, R., Gentry, C., Parno, B., Raykova, M.: Quadratic span programs and succinct NIZKs without PCPs. In: Johansson, T., Nguyen, P.Q. (eds.) EUROCRYPT 2013. LNCS, vol. 7881, pp. 626\u2013645. Springer, Heidelberg (2013). https:\/\/doi.org\/10.1007\/978-3-642-38348-9_37"},{"key":"23_CR28","doi-asserted-by":"publisher","first-page":"205","DOI":"10.1016\/S0020-0190(98)00116-1","volume":"67","author":"O Goldreich","year":"1998","unstructured":"Goldreich, O., H\u00e5stad, J.: On the complexity of interactive proofs with bounded communication. Inf. Process. Lett. 67, 205\u2013214 (1998)","journal-title":"Inf. Process. Lett."},{"key":"23_CR29","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"530","DOI":"10.1007\/978-3-642-33027-8_31","volume-title":"Cryptographic Hardware and Embedded Systems \u2013 CHES 2012","author":"T G\u00fcneysu","year":"2012","unstructured":"G\u00fcneysu, T., Lyubashevsky, V., P\u00f6ppelmann, T.: Practical lattice-based cryptography: a signature scheme for embedded systems. In: Prouff, E., Schaumont, P. (eds.) CHES 2012. LNCS, vol. 7428, pp. 530\u2013547. Springer, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-33027-8_31"},{"key":"23_CR30","unstructured":"Giacomelli, I., Madsen, J., Orlandi, C.: Zkboo: faster zero-knowledge for boolean circuits. In: 25th USENIX Security Symposium, pp. 1069\u20131083 (2016)"},{"key":"23_CR31","doi-asserted-by":"crossref","unstructured":"Goldwasser, S., Micali, S., Rackoff, C.: The knowledge complexity of interactive proof-systems (extended abstract). In: 17th ACM STOC, pp. 291\u2013304. ACM Press, May 1985","DOI":"10.1145\/22145.22178"},{"key":"23_CR32","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"31","DOI":"10.1007\/978-3-540-78967-3_3","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2008","author":"N Gama","year":"2008","unstructured":"Gama, N., Nguyen, P.Q.: Predicting lattice reduction. In: Smart, N. (ed.) EUROCRYPT 2008. LNCS, vol. 4965, pp. 31\u201351. Springer, Heidelberg (2008). https:\/\/doi.org\/10.1007\/978-3-540-78967-3_3"},{"key":"23_CR33","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"123","DOI":"10.1007\/3-540-45961-8_11","volume-title":"Advances in Cryptology \u2014 EUROCRYPT \u201988","author":"LC Guillou","year":"1988","unstructured":"Guillou, L.C., Quisquater, J.-J.: A practical zero-knowledge protocol fitted to security microprocessor minimizing both transmission and memory. In: Barstow, D., et al. (eds.) EUROCRYPT 1988. LNCS, vol. 330, pp. 123\u2013128. Springer, Heidelberg (1988). https:\/\/doi.org\/10.1007\/3-540-45961-8_11"},{"key":"23_CR34","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"192","DOI":"10.1007\/978-3-642-03356-8_12","volume-title":"Advances in Cryptology - CRYPTO 2009","author":"J Groth","year":"2009","unstructured":"Groth, J.: Linear algebra with sub-linear zero-knowledge arguments. In: Halevi, S. (ed.) CRYPTO 2009. LNCS, vol. 5677, pp. 192\u2013208. Springer, Heidelberg (2009). https:\/\/doi.org\/10.1007\/978-3-642-03356-8_12"},{"key":"23_CR35","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"321","DOI":"10.1007\/978-3-642-17373-8_19","volume-title":"Advances in Cryptology - ASIACRYPT 2010","author":"J Groth","year":"2010","unstructured":"Groth, J.: Short pairing-based non-interactive zero-knowledge arguments. In: Abe, M. (ed.) ASIACRYPT 2010. LNCS, vol. 6477, pp. 321\u2013340. Springer, Heidelberg (2010). https:\/\/doi.org\/10.1007\/978-3-642-17373-8_19"},{"issue":"4","key":"23_CR36","doi-asserted-by":"publisher","first-page":"546","DOI":"10.1007\/s00145-010-9067-9","volume":"23","author":"J Groth","year":"2010","unstructured":"Groth, J.: A verifiable secret shuffle of homomorphic encryptions. J. Cryptol. 23(4), 546\u2013579 (2010)","journal-title":"J. Cryptol."},{"key":"23_CR37","doi-asserted-by":"publisher","first-page":"305","DOI":"10.1007\/978-3-662-49896-5_11","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2016","author":"Jens Groth","year":"2016","unstructured":"Groth, J.: On the size of pairing-based non-interactive arguments. In: Fischlin and Coron [FC16], pp. 305\u2013326"},{"issue":"1\u20132","key":"23_CR38","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/s00037-002-0169-0","volume":"11","author":"O Goldreich","year":"2002","unstructured":"Goldreich, O., Vadhan, S.P., Wigderson, A.: On interactive proofs with a laconic prover. Comput. Complex. 11(1\u20132), 1\u201353 (2002)","journal-title":"Comput. Complex."},{"key":"23_CR39","doi-asserted-by":"crossref","unstructured":"Gentry, C., Wichs, D.: Separating succinct non-interactive arguments from all falsifiable assumptions. In: Fortnow, L., Vadhan, S.P. (eds.) 43rd ACM STOC, pp. 99\u2013108. ACM Press, June 2011","DOI":"10.1145\/1993636.1993651"},{"key":"23_CR40","doi-asserted-by":"crossref","unstructured":"Ishai, Y., Kushilevitz, E., Ostrovsky, R., Sahai, A.: Zero-knowledge from secure multiparty computation. In: Johnson, D.S., Feige, U. (eds.) 39th ACM STOC, pp. 21\u201330. ACM Press, June 2007","DOI":"10.1145\/1250790.1250794"},{"key":"23_CR41","doi-asserted-by":"crossref","unstructured":"Kilian, J.: A note on efficient zero-knowledge proofs and arguments (extended abstract). In: 24th ACM STOC, pp. 723\u2013732. ACM Press, May 1992","DOI":"10.1145\/129712.129782"},{"key":"23_CR42","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"536","DOI":"10.1007\/978-3-540-70583-3_44","volume-title":"Automata, Languages and Programming","author":"YT Kalai","year":"2008","unstructured":"Kalai, Y.T., Raz, R.: Interactive PCP. In: Aceto, L., Damg\u00e5rd, I., Goldberg, L.A., Halld\u00f3rsson, M.M., Ing\u00f3lfsd\u00f3ttir, A., Walukiewicz, I. (eds.) ICALP 2008, Part II. LNCS, vol. 5126, pp. 536\u2013547. Springer, Heidelberg (2008). https:\/\/doi.org\/10.1007\/978-3-540-70583-3_44"},{"key":"23_CR43","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"169","DOI":"10.1007\/978-3-642-28914-9_10","volume-title":"Theory of Cryptography","author":"H Lipmaa","year":"2012","unstructured":"Lipmaa, H.: Progression-free sets and sublinear pairing-based non-interactive zero-knowledge arguments. In: Cramer, R. (ed.) TCC 2012. LNCS, vol. 7194, pp. 169\u2013189. Springer, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-28914-9_10"},{"key":"23_CR44","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"144","DOI":"10.1007\/11787006_13","volume-title":"Automata, Languages and Programming","author":"V Lyubashevsky","year":"2006","unstructured":"Lyubashevsky, V., Micciancio, D.: Generalized compact knapsacks are collision resistant. In: Bugliesi, M., Preneel, B., Sassone, V., Wegener, I. (eds.) ICALP 2006, Part II. LNCS, vol. 4052, pp. 144\u2013155. Springer, Heidelberg (2006). https:\/\/doi.org\/10.1007\/11787006_13"},{"key":"23_CR45","first-page":"293","volume-title":"Lecture Notes in Computer Science","author":"Vadim Lyubashevsky","year":"2017","unstructured":"Lyubashevsky, V., Neven, G.: One-shot verifiable encryption from lattices. In: Coron and Nielsen [CN17], pp. 293\u2013323"},{"key":"23_CR46","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"107","DOI":"10.1007\/978-3-642-36362-7_8","volume-title":"Public-Key Cryptography \u2013 PKC 2013","author":"S Ling","year":"2013","unstructured":"Ling, S., Nguyen, K., Stehl\u00e9, D., Wang, H.: Improved zero-knowledge proofs of knowledge for the ISIS problem, and applications. In: Kurosawa, K., Hanaoka, G. (eds.) PKC 2013. LNCS, vol. 7778, pp. 107\u2013124. Springer, Heidelberg (2013). https:\/\/doi.org\/10.1007\/978-3-642-36362-7_8"},{"key":"23_CR47","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"598","DOI":"10.1007\/978-3-642-10366-7_35","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2009","author":"V Lyubashevsky","year":"2009","unstructured":"Lyubashevsky, V.: Fiat-Shamir with aborts: applications to lattice and factoring-based signatures. In: Matsui, M. (ed.) ASIACRYPT 2009. LNCS, vol. 5912, pp. 598\u2013616. Springer, Heidelberg (2009). https:\/\/doi.org\/10.1007\/978-3-642-10366-7_35"},{"key":"23_CR48","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"738","DOI":"10.1007\/978-3-642-29011-4_43","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2012","author":"V Lyubashevsky","year":"2012","unstructured":"Lyubashevsky, V.: Lattice signatures without trapdoors. In: Pointcheval, D., Johansson, T. (eds.) EUROCRYPT 2012. LNCS, vol. 7237, pp. 738\u2013755. Springer, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-29011-4_43"},{"key":"23_CR49","doi-asserted-by":"crossref","unstructured":"Micciancio, D., Regev, O.: Worst-case to average-case reductions based on Gaussian measures. In: 45th FOCS, pp. 372\u2013381. IEEE Computer Society Press, October 2004","DOI":"10.1109\/FOCS.2004.72"},{"key":"23_CR50","doi-asserted-by":"publisher","unstructured":"Micciancio D., Regev O.: Lattice-based Cryptography. In: Bernstein, D.J., Buchmann, J., Dahmen, E. (eds.) Post-Quantum Cryptography. Springer, Heidelberg (2009). https:\/\/doi.org\/10.1007\/978-3-540-88702-7_5","DOI":"10.1007\/978-3-540-88702-7_5"},{"key":"23_CR51","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"282","DOI":"10.1007\/978-3-540-45146-4_17","volume-title":"Advances in Cryptology - CRYPTO 2003","author":"D Micciancio","year":"2003","unstructured":"Micciancio, D., Vadhan, S.P.: Statistical zero-knowledge proofs with efficient provers: lattice problems and more. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 282\u2013298. Springer, Heidelberg (2003). https:\/\/doi.org\/10.1007\/978-3-540-45146-4_17"},{"key":"23_CR52","doi-asserted-by":"crossref","unstructured":"Parno, B., Howell, J., Gentry, C., Raykova, M.: Pinocchio: nearly practical verifiable computation. In: 2013 IEEE Symposium on Security and Privacy, pp. 238\u2013252. IEEE Computer Society Press, May 2013","DOI":"10.1109\/SP.2013.47"},{"key":"23_CR53","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"145","DOI":"10.1007\/11681878_8","volume-title":"Theory of Cryptography","author":"C Peikert","year":"2006","unstructured":"Peikert, C., Rosen, A.: Efficient collision-resistant hashing from worst-case assumptions on cyclic lattices. In: Halevi, S., Rabin, T. (eds.) TCC 2006. LNCS, vol. 3876, pp. 145\u2013166. Springer, Heidelberg (2006). https:\/\/doi.org\/10.1007\/11681878_8"},{"key":"23_CR54","doi-asserted-by":"crossref","unstructured":"Regev, O.: On lattices, learning with errors, random linear codes, and cryptography. In: Gabow, H.N., Fagin, R. (eds.) 37th ACM STOC, pp. 84\u201393. ACM Press, May 2005","DOI":"10.1145\/1060590.1060603"},{"issue":"3","key":"23_CR55","doi-asserted-by":"publisher","first-page":"161","DOI":"10.1007\/BF00196725","volume":"4","author":"C-P Schnorr","year":"1991","unstructured":"Schnorr, C.-P.: Efficient signature generation by smart cards. J. Cryptol. 4(3), 161\u2013174 (1991)","journal-title":"J. Cryptol."},{"key":"23_CR56","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"13","DOI":"10.1007\/3-540-48329-2_2","volume-title":"Advances in Cryptology \u2014 CRYPTO\u201993","author":"J Stern","year":"1994","unstructured":"Stern, J.: A new identification scheme based on syndrome decoding. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 13\u201321. Springer, Heidelberg (1994). https:\/\/doi.org\/10.1007\/3-540-48329-2_2"},{"key":"23_CR57","unstructured":"Thuraisingham, B.M., Evans, D., Malkin, T., Xu, D. (eds.): ACM CCS 17. ACM Press, October\/November (2017)"}],"container-title":["Lecture Notes in Computer Science","Advances in Cryptology \u2013 CRYPTO 2018"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-96881-0_23","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,7,5]],"date-time":"2025-07-05T23:45:31Z","timestamp":1751759131000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-319-96881-0_23"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018]]},"ISBN":["9783319968803","9783319968810"],"references-count":57,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-96881-0_23","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2018]]},"assertion":[{"value":"24 July 2018","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"CRYPTO","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Annual International Cryptology Conference","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Santa Barbara, CA","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"USA","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2018","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"19 August 2018","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"23 August 2018","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"38","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"crypto2018","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/crypto.iacr.org\/2018\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"This content has been made available to all.","name":"free","label":"Free to read"}]}}