{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,28]],"date-time":"2026-05-28T02:37:44Z","timestamp":1779935864854,"version":"3.53.1"},"publisher-location":"Berlin, Heidelberg","reference-count":69,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"value":"9783662498958","type":"print"},{"value":"9783662498965","type":"electronic"}],"license":[{"start":{"date-parts":[[2016,1,1]],"date-time":"2016-01-01T00:00:00Z","timestamp":1451606400000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2016]]},"DOI":"10.1007\/978-3-662-49896-5_1","type":"book-chapter","created":{"date-parts":[[2016,4,27]],"date-time":"2016-04-27T04:45:32Z","timestamp":1461732332000},"page":"1-31","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":165,"title":["Zero-Knowledge Arguments for Lattice-Based Accumulators: Logarithmic-Size Ring Signatures and Group Signatures Without Trapdoors"],"prefix":"10.1007","author":[{"given":"Beno\u00eet","family":"Libert","sequence":"first","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"San","family":"Ling","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Khoa","family":"Nguyen","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Huaxiong","family":"Wang","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"297","published-online":{"date-parts":[[2016,4,28]]},"reference":[{"key":"1_CR1","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"423","DOI":"10.1007\/978-3-642-19379-8_26","volume-title":"Public Key Cryptography \u2013 PKC 2011","author":"T Acar","year":"2011","unstructured":"Acar, T., Nguyen, L.: Revocation for delegatable anonymous credentials. In: Catalano, D., Fazio, N., Gennaro, R., Nicolosi, A. (eds.) PKC 2011. LNCS, vol. 6571, pp. 423\u2013440. Springer, Heidelberg (2011)"},{"key":"1_CR2","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-642-38553-7_1","volume-title":"Progress in Cryptology \u2013 AFRICACRYPT 2013","author":"C Aguilar Melchor","year":"2013","unstructured":"Aguilar Melchor, C., Bettaieb, S., Boyen, X., Fousse, L., Gaborit, P.: Adapting Lyubashevsky\u2019s signature schemes to the ring signature setting. In: Youssef, A., Nitaj, A., Hassanien, A.E. (eds.) AFRICACRYPT 2013. LNCS, vol. 7918, pp. 1\u201325. Springer, Heidelberg (2013)"},{"key":"1_CR3","doi-asserted-by":"crossref","unstructured":"Ajtai, M.: Generating hard instances of lattice problems (extended abstract). In: STOC, pp. 99\u2013108. ACM (1996)","DOI":"10.1145\/237814.237838"},{"key":"1_CR4","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/3-540-48523-6_1","volume-title":"Automata, Languages and Programming","author":"M Ajtai","year":"1999","unstructured":"Ajtai, M.: Generating hard instances of the short basis problem. In: Wiedermann, J., Emde Boas, P., Nielsen, M. (eds.) ICALP 1999. LNCS, vol. 1644, p. 1. Springer, Heidelberg (1999)"},{"key":"1_CR5","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"255","DOI":"10.1007\/3-540-44598-6_16","volume-title":"Advances in Cryptology - CRYPTO 2000","author":"G Ateniese","year":"2000","unstructured":"Ateniese, G., Camenisch, J.L., Joye, M., Tsudik, G.: A practical and provably secure coalition-resistant group signature scheme. In: Bellare, M. (ed.) CRYPTO 2000. LNCS, vol. 1880, p. 255. Springer, Heidelberg (2000)"},{"key":"1_CR6","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"178","DOI":"10.1007\/11967668_12","volume-title":"Topics in Cryptology \u2013 CT-RSA 2007","author":"MH Au","year":"2006","unstructured":"Au, M.H., Wu, Q., Susilo, W., Mu, Y.: Compact e-cash from bounded accumulator. In: Abe, M. (ed.) CT-RSA 2007. LNCS, vol. 4377, pp. 178\u2013195. Springer, Heidelberg (2006)"},{"key":"1_CR7","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"480","DOI":"10.1007\/3-540-69053-0_33","volume-title":"Advances in Cryptology - EUROCRYPT 1997","author":"N Bari\u0107","year":"1997","unstructured":"Bari\u0107, N., Pfitzmann, B.: Collision-free accumulators and fail-stop signature schemes without trees. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 480\u2013494. Springer, Heidelberg (1997)"},{"key":"1_CR8","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"614","DOI":"10.1007\/3-540-39200-9_38","volume-title":"Advances in Cryptology \u2013 EUROCRPYT 2003","author":"M Bellare","year":"2003","unstructured":"Bellare, M., Micciancio, D., Warinschi, B.: Foundations of group signatures: formal definitions, simplified requirements, and a construction based on general. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 614\u2013629. Springer, Heidelberg (2003)"},{"key":"1_CR9","doi-asserted-by":"crossref","unstructured":"Ben-Sasson, E., Chiesa, A., Garman, C., Green, M., Miers, I., Tromer, E., Virza, M.: Zerocash: decentralized anonymous payments from bitcoin. In: IEEE S\n                    \n                      \n                    \n                    $$\\&$$\n                    \n                      \n                        &\n                      \n                    \n                  P, pp. 459\u2013474. IEEE (2014)","DOI":"10.1109\/SP.2014.36"},{"key":"1_CR10","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"274","DOI":"10.1007\/3-540-48285-7_24","volume-title":"Advances in Cryptology - EUROCRYPT 1993","author":"JC Benaloh","year":"1994","unstructured":"Benaloh, J.C., de Mare, M.: One-way accumulators: a decentralized alternative to digital signatures. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 274\u2013285. Springer, Heidelberg (1994)"},{"issue":"1","key":"1_CR11","doi-asserted-by":"publisher","first-page":"114","DOI":"10.1007\/s00145-007-9011-9","volume":"22","author":"A Bender","year":"2009","unstructured":"Bender, A., Katz, J., Morselli, R.: Ring signatures: stronger definitions, and constructions without random Oracles. J. Cryptol. 22(1), 114\u2013138 (2009)","journal-title":"J. Cryptol."},{"key":"1_CR12","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"551","DOI":"10.1007\/978-3-662-45611-8_29","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2014","author":"F Benhamouda","year":"2014","unstructured":"Benhamouda, F., Camenisch, J., Krenn, S., Lyubashevsky, V., Neven, G.: Better zero-knowledge proofs for lattice encryption and their application to group signatures. In: Sarkar, P., Iwata, T. (eds.) ASIACRYPT 2014. LNCS, vol. 8873, pp. 551\u2013572. Springer, Heidelberg (2014)"},{"key":"1_CR13","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"629","DOI":"10.1007\/978-3-662-46447-2_28","volume-title":"Public-Key Cryptography \u2013 PKC 2015","author":"D Bernhard","year":"2015","unstructured":"Bernhard, D., Fischlin, M., Warinschi, B.: Adaptive proofs of knowledge in the random Oracle model. In: Katz, J. (ed.) PKC 2015. LNCS, vol. 9020, pp. 629\u2013649. Springer, Heidelberg (2015)"},{"key":"1_CR14","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"223","DOI":"10.1007\/978-3-540-24676-3_14","volume-title":"Advances in Cryptology - EUROCRYPT 2004","author":"D Boneh","year":"2004","unstructured":"Boneh, D., Boyen, X.: Efficient selective-ID secure identity-based encryption without random Oracles. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 223\u2013238. Springer, Heidelberg (2004)"},{"key":"1_CR15","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"42","DOI":"10.1007\/978-3-662-45611-8_3","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2014","author":"D Boneh","year":"2014","unstructured":"Boneh, D., Corrigan-Gibbs, H.: Bivariate polynomials modulo composites and their applications. In: Sarkar, P., Iwata, T. (eds.) ASIACRYPT 2014. LNCS, vol. 8873, pp. 42\u201362. Springer, Heidelberg (2014)"},{"key":"1_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"243","DOI":"10.1007\/978-3-319-24174-6_13","volume-title":"Computer Security \u2013 ESORICS 2015","author":"J Bootle","year":"2015","unstructured":"Bootle, J., Cerulli, A., Chaidos, P., Ghadafi, E., Groth, J., Petit, C.: Short accountable ring signatures based on DDH. In: Pernul, G., et al. (eds.) ESORICS. LNCS, vol. 9326, pp. 243\u2013265. Springer, Heidelberg (2015). doi:\n                    10.1007\/978-3-319-24174-6_13"},{"key":"1_CR17","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"499","DOI":"10.1007\/978-3-642-13013-7_29","volume-title":"Public Key Cryptography \u2013 PKC 2010","author":"X Boyen","year":"2010","unstructured":"Boyen, X.: Lattice mixing and vanishing trapdoors: a framework for fully secure short signatures and more. In: Nguyen, P.Q., Pointcheval, D. (eds.) PKC 2010. LNCS, vol. 6056, pp. 499\u2013517. Springer, Heidelberg (2010)"},{"key":"1_CR18","unstructured":"Brakerski, Z., Kalai, Y.T.: A framework for efficient signatures, ring signatures and identity based encryption in the standard model. IACR Cryptol. ePrint Archive 2010:86 (2010)"},{"key":"1_CR19","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"481","DOI":"10.1007\/978-3-642-00468-1_27","volume-title":"Public Key Cryptography \u2013 PKC 2009","author":"J Camenisch","year":"2009","unstructured":"Camenisch, J., Kohlweiss, M., Soriente, C.: An accumulator based on bilinear maps and efficient revocation for anonymous credentials. In: Jarecki, S., Tsudik, G. (eds.) PKC 2009. LNCS, vol. 5443, pp. 481\u2013500. Springer, Heidelberg (2009)"},{"key":"1_CR20","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"61","DOI":"10.1007\/3-540-45708-9_5","volume-title":"Advances in Cryptology - CRYPTO 2002","author":"JL Camenisch","year":"2002","unstructured":"Camenisch, J.L., Lysyanskaya, A.: Dynamic accumulators and application to efficient revocation of anonymous credentials. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, p. 61. Springer, Heidelberg (2002)"},{"key":"1_CR21","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"57","DOI":"10.1007\/978-3-642-32928-9_4","volume-title":"Security and Cryptography for Networks","author":"J Camenisch","year":"2012","unstructured":"Camenisch, J., Neven, G., R\u00fcckert, M.: Fully anonymous attribute tokens from lattices. In: Visconti, I., Prisco, R. (eds.) SCN 2012. LNCS, vol. 7485, pp. 57\u201375. Springer, Heidelberg (2012)"},{"key":"1_CR22","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"82","DOI":"10.1007\/978-3-642-14577-3_9","volume-title":"Financial Cryptography and Data Security","author":"S Canard","year":"2010","unstructured":"Canard, S., Gouget, A.: Multiple denominations in E-cash with compact transaction data. In: Sion, R. (ed.) FC 2010. LNCS, vol. 6052, pp. 82\u201397. Springer, Heidelberg (2010)"},{"key":"1_CR23","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"523","DOI":"10.1007\/978-3-642-13190-5_27","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2010","author":"D Cash","year":"2010","unstructured":"Cash, D., Hofheinz, D., Kiltz, E., Peikert, C.: Bonsai trees, or how to delegate a lattice basis. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 523\u2013552. Springer, Heidelberg (2010)"},{"key":"1_CR24","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"55","DOI":"10.1007\/978-3-642-36362-7_5","volume-title":"Public-Key Cryptography \u2013 PKC 2013","author":"D Catalano","year":"2013","unstructured":"Catalano, D., Fiore, D.: Vector commitments and their applications. In: Kurosawa, K., Hanaoka, G. (eds.) PKC 2013. LNCS, vol. 7778, pp. 55\u201372. Springer, Heidelberg (2013)"},{"key":"1_CR25","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"423","DOI":"10.1007\/978-3-540-73420-8_38","volume-title":"Automata, Languages and Programming","author":"N Chandran","year":"2007","unstructured":"Chandran, N., Groth, J., Sahai, A.: Ring signatures of sub-linear size without random Oracles. In: Arge, L., Cachin, C., Jurdzi\u0144ski, T., Tarlecki, A. (eds.) ICALP 2007. LNCS, vol. 4596, pp. 423\u2013434. Springer, Heidelberg (2007)"},{"key":"1_CR26","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"257","DOI":"10.1007\/3-540-46416-6_22","volume-title":"Advances in Cryptology - EUROCRYPT 1991","author":"D Chaum","year":"1991","unstructured":"Chaum, D., van Heyst, E.: Group signatures. In: Davies, D.W. (ed.) EUROCRYPT 1991. LNCS, vol. 547, pp. 257\u2013265. Springer, Heidelberg (1991)"},{"key":"1_CR27","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"127","DOI":"10.1007\/978-3-319-16715-2_7","volume-title":"Topics in Cryptology \u2014 CT-RSA 2015","author":"D Derler","year":"2015","unstructured":"Derler, D., Hanser, C., Slamanig, D.: Revisiting cryptographic accumulators, additional properties and relations to other primitives. In: Nyberg, K. (ed.) CT-RSA 2015. LNCS, vol. 9048, pp. 127\u2013144. Springer, Heidelberg (2015)"},{"key":"1_CR28","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"609","DOI":"10.1007\/978-3-540-24676-3_36","volume-title":"Advances in Cryptology - EUROCRYPT 2004","author":"Y Dodis","year":"2004","unstructured":"Dodis, Y., Kiayias, A., Nicolosi, A., Shoup, V.: Anonymous identification in Ad Hoc groups. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 609\u2013626. Springer, Heidelberg (2004)"},{"key":"1_CR29","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"260","DOI":"10.1007\/978-3-662-48797-6_12","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2015","author":"MF Ezerman","year":"2015","unstructured":"Ezerman, M.F., Lee, H.T., Ling, S., Nguyen, K., Wang, H.: A provably secure group signature scheme from code-based assumptions. In: Iwata, T., et al. (eds.) ASIACRYPT 2015. LNCS, vol. 9452, pp. 260\u2013285. Springer, Heidelberg (2015). doi:\n                    10.1007\/978-3-662-48797-6_12"},{"key":"1_CR30","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"351","DOI":"10.1007\/3-540-45682-1_21","volume-title":"Advances in Cryptology - ASIACRYPT 2001","author":"P-A Fouque","year":"2001","unstructured":"Fouque, P.-A., Pointcheval, D.: Threshold cryptosystems secure against chosen-ciphertext attacks. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, p. 351. Springer, Heidelberg (2001)"},{"key":"1_CR31","doi-asserted-by":"crossref","unstructured":"Gentry, C., Peikert, C., Vaikuntanathan, V.: Trapdoors for hard lattices and new cryptographic constructions. In: STOC, pp. 197\u2013206. ACM (2008)","DOI":"10.1145\/1374376.1374407"},{"key":"1_CR32","unstructured":"Goldreich, O., Goldwasser, S., Halevi, S.: Collision-free hashing from lattice problems. ECCC 3(42) (1996)"},{"key":"1_CR33","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"395","DOI":"10.1007\/978-3-642-17373-8_23","volume-title":"Advances in Cryptology - ASIACRYPT 2010","author":"SD Gordon","year":"2010","unstructured":"Gordon, S.D., Katz, J., Vaikuntanathan, V.: A group signature scheme from lattice assumptions. In: Abe, M. (ed.) ASIACRYPT 2010. LNCS, vol. 6477, pp. 395\u2013412. Springer, Heidelberg (2010)"},{"key":"1_CR34","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"46","DOI":"10.1007\/978-3-540-24852-1_4","volume-title":"Applied Cryptography and Network Security","author":"J Groth","year":"2004","unstructured":"Groth, J.: Evaluating security of voting schemes in the universal composability framework. In: Jakobsson, M., Yung, M., Zhou, J. (eds.) ACNS 2004. LNCS, vol. 3089, pp. 46\u201360. Springer, Heidelberg (2004)"},{"key":"1_CR35","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"321","DOI":"10.1007\/978-3-642-17373-8_19","volume-title":"Advances in Cryptology - ASIACRYPT 2010","author":"J Groth","year":"2010","unstructured":"Groth, J.: Short pairing-based non-interactive zero-knowledge arguments. In: Abe, M. (ed.) ASIACRYPT 2010. LNCS, vol. 6477, pp. 321\u2013340. Springer, Heidelberg (2010)"},{"key":"1_CR36","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"253","DOI":"10.1007\/978-3-662-46803-6_9","volume-title":"Advances in Cryptology - EUROCRYPT 2015","author":"J Groth","year":"2015","unstructured":"Groth, J., Kohlweiss, M.: One-out-of-many proofs: or how to leak a secret and spend a coin. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9057, pp. 253\u2013280. Springer, Heidelberg (2015)"},{"key":"1_CR37","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"663","DOI":"10.1007\/978-3-642-34961-4_40","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2012","author":"A Jain","year":"2012","unstructured":"Jain, A., Krenn, S., Pietrzak, K., Tentes, A.: Commitments and efficient zero-knowledge proofs from learning parity with noise. In: Wang, X., Sako, K. (eds.) ASIACRYPT 2012. LNCS, vol. 7658, pp. 663\u2013680. Springer, Heidelberg (2012)"},{"key":"1_CR38","doi-asserted-by":"crossref","unstructured":"Jhanwar, M.P., Safavi-Naini, R.: Compact accumulator using lattices. IACR Cryptology ePrint Archive: Report 2014\/1015, February 2015","DOI":"10.1007\/978-3-319-24126-5_20"},{"key":"1_CR39","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"315","DOI":"10.1007\/978-3-540-71677-8_21","volume-title":"Public Key Cryptography \u2013 PKC 2007","author":"A Kawachi","year":"2007","unstructured":"Kawachi, A., Tanaka, K., Xagawa, K.: Multi-bit cryptosystems based on lattice problems. In: Okamoto, T., Wang, X. (eds.) PKC 2007. LNCS, vol. 4450, pp. 315\u2013329. Springer, Heidelberg (2007)"},{"key":"1_CR40","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"372","DOI":"10.1007\/978-3-540-89255-7_23","volume-title":"Advances in Cryptology - ASIACRYPT 2008","author":"A Kawachi","year":"2008","unstructured":"Kawachi, A., Tanaka, K., Xagawa, K.: Concurrently secure identification schemes based on the worst-case hardness of lattice problems. In: Pieprzyk, J. (ed.) ASIACRYPT 2008. LNCS, vol. 5350, pp. 372\u2013389. Springer, Heidelberg (2008)"},{"key":"1_CR41","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"41","DOI":"10.1007\/978-3-642-42045-0_3","volume-title":"Advances in Cryptology - ASIACRYPT 2013","author":"F Laguillaumie","year":"2013","unstructured":"Laguillaumie, F., Langlois, A., Libert, B., Stehl\u00e9, D.: Lattice-based group signatures with logarithmic signature size. In: Sako, K., Sarkar, P. (eds.) ASIACRYPT 2013, Part II. LNCS, vol. 8270, pp. 41\u201361. Springer, Heidelberg (2013)"},{"key":"1_CR42","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"345","DOI":"10.1007\/978-3-642-54631-0_20","volume-title":"Public-Key Cryptography \u2013 PKC 2014","author":"A Langlois","year":"2014","unstructured":"Langlois, A., Ling, S., Nguyen, K., Wang, H.: Lattice-based group signature scheme with verifier-local revocation. In: Krawczyk, H. (ed.) PKC 2014. LNCS, vol. 8383, pp. 345\u2013361. Springer, Heidelberg (2014)"},{"key":"1_CR43","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"253","DOI":"10.1007\/978-3-540-72738-5_17","volume-title":"Applied Cryptography and Network Security","author":"J Li","year":"2007","unstructured":"Li, J., Li, N., Xue, R.: Universal accumulators with efficient nonmembership proofs. In: Katz, J., Yung, M. (eds.) ACNS 2007. LNCS, vol. 4521, pp. 253\u2013269. Springer, Heidelberg (2007)"},{"key":"1_CR44","doi-asserted-by":"crossref","unstructured":"Lin, Z., Hopper, N.: Jack: scalable accumulator-based nymble system. In: WPES, pp. 53\u201362. ACM (2010)","DOI":"10.1145\/1866919.1866927"},{"key":"1_CR45","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"107","DOI":"10.1007\/978-3-642-36362-7_8","volume-title":"Public-Key Cryptography \u2013 PKC 2013","author":"S Ling","year":"2013","unstructured":"Ling, S., Nguyen, K., Stehl\u00e9, D., Wang, H.: Improved zero-knowledge proofs of knowledge for the ISIS problem, and applications. In: Kurosawa, K., Hanaoka, G. (eds.) PKC 2013. LNCS, vol. 7778, pp. 107\u2013124. Springer, Heidelberg (2013)"},{"key":"1_CR46","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"427","DOI":"10.1007\/978-3-662-46447-2_19","volume-title":"Public-Key Cryptography \u2013 PKC 2015","author":"S Ling","year":"2015","unstructured":"Ling, S., Nguyen, K., Wang, H.: Group signatures from lattices: simpler, tighter, shorter, ring-based. In: Katz, J. (ed.) PKC 2015. LNCS, vol. 9020, pp. 427\u2013449. Springer, Heidelberg (2015)"},{"key":"1_CR47","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"224","DOI":"10.1007\/978-3-642-31284-7_14","volume-title":"Applied Cryptography and Network Security","author":"H Lipmaa","year":"2012","unstructured":"Lipmaa, H.: Secure accumulators from Euclidean rings without trusted setup. In: Bao, F., Samarati, P., Zhou, J. (eds.) ACNS 2012. LNCS, vol. 7341, pp. 224\u2013240. Springer, Heidelberg (2012)"},{"key":"1_CR48","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"162","DOI":"10.1007\/978-3-540-78440-1_10","volume-title":"Public Key Cryptography \u2013 PKC 2008","author":"V Lyubashevsky","year":"2008","unstructured":"Lyubashevsky, V.: Lattice-based identification schemes secure under active attacks. In: Cramer, R. (ed.) PKC 2008. LNCS, vol. 4939, pp. 162\u2013179. Springer, Heidelberg (2008)"},{"key":"1_CR49","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"738","DOI":"10.1007\/978-3-642-29011-4_43","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2012","author":"V Lyubashevsky","year":"2012","unstructured":"Lyubashevsky, V.: Lattice signatures without trapdoors. In: Pointcheval, D., Johansson, T. (eds.) EUROCRYPT 2012. LNCS, vol. 7237, pp. 738\u2013755. Springer, Heidelberg (2012)"},{"key":"1_CR50","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"218","DOI":"10.1007\/0-387-34805-0_21","volume-title":"Advances in Cryptology - CRYPTO 1989","author":"RC Merkle","year":"1990","unstructured":"Merkle, R.C.: A certified digital signature. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 218\u2013238. Springer, Heidelberg (1990)"},{"key":"1_CR51","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"465","DOI":"10.1007\/978-3-642-22792-9_26","volume-title":"Advances in Cryptology \u2013 CRYPTO 2011","author":"D Micciancio","year":"2011","unstructured":"Micciancio, D., Mol, P.: Pseudorandom Knapsacks and the sample complexity of LWE search-to-decision reductions. In: Rogaway, P. (ed.) CRYPTO 2011. LNCS, vol. 6841, pp. 465\u2013484. Springer, Heidelberg (2011)"},{"key":"1_CR52","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"21","DOI":"10.1007\/978-3-642-40041-4_2","volume-title":"Advances in Cryptology \u2013 CRYPTO 2013","author":"D Micciancio","year":"2013","unstructured":"Micciancio, D., Peikert, C.: Hardness of SIS and LWE with small parameters. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013, Part I. LNCS, vol. 8042, pp. 21\u201339. Springer, Heidelberg (2013)"},{"issue":"1","key":"1_CR53","doi-asserted-by":"publisher","first-page":"267","DOI":"10.1137\/S0097539705447360","volume":"37","author":"D Micciancio","year":"2007","unstructured":"Micciancio, D., Regev, O.: Worst-case to average-case reductions based on Gaussian measures. SIAM J. Comput. 37(1), 267\u2013302 (2007)","journal-title":"SIAM J. Comput."},{"key":"1_CR54","doi-asserted-by":"crossref","unstructured":"Miers, I., Garman, C., Green, M., Rubin, A.D.: Zerocoin: anonymous distributed e-cash from bitcoin. In: IEEE S\n                    \n                      \n                    \n                    $$\\&$$\n                    \n                      \n                        &\n                      \n                    \n                  P, pp. 397\u2013411. IEEE (2013)","DOI":"10.1109\/SP.2013.34"},{"key":"1_CR55","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"96","DOI":"10.1007\/978-3-540-45146-4_6","volume-title":"Advances in Cryptology - CRYPTO 2003","author":"M Naor","year":"2003","unstructured":"Naor, M.: On cryptographic assumptions and challenges. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 96\u2013109. Springer, Heidelberg (2003)"},{"key":"1_CR56","doi-asserted-by":"crossref","unstructured":"Naor, M., Yung, M.: Public-key cryptosystems provably secure against chosen ciphertextattacks. In: STOC, pp. 427\u2013437. ACM (1990)","DOI":"10.1145\/100216.100273"},{"key":"1_CR57","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"275","DOI":"10.1007\/978-3-540-30574-3_19","volume-title":"Topics in Cryptology \u2013 CT-RSA 2005","author":"L Nguyen","year":"2005","unstructured":"Nguyen, L.: Accumulators from bilinear pairings and applications. In: Menezes, A. (ed.) CT-RSA 2005. LNCS, vol. 3376, pp. 275\u2013292. Springer, Heidelberg (2005)"},{"key":"1_CR58","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"401","DOI":"10.1007\/978-3-662-46447-2_18","volume-title":"Public-Key Cryptography \u2013 PKC 2015","author":"PQ Nguyen","year":"2015","unstructured":"Nguyen, P.Q., Zhang, J., Zhang, Z.: Simpler efficient group signatures from lattices. In: Katz, J. (ed.) PKC 2015. LNCS, vol. 9020, pp. 401\u2013426. Springer, Heidelberg (2015)"},{"key":"1_CR59","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"353","DOI":"10.1007\/978-3-642-38348-9_22","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2013","author":"C Papamanthou","year":"2013","unstructured":"Papamanthou, C., Shi, E., Tamassia, R., Yi, K.: Streaming authenticated data structures. In: Johansson, T., Nguyen, P.Q. (eds.) EUROCRYPT 2013. LNCS, vol. 7881, pp. 353\u2013370. Springer, Heidelberg (2013)"},{"key":"1_CR60","doi-asserted-by":"crossref","unstructured":"Papamanthou, C., Tamassia, R., Triandopoulos, N.: Authenticated hash tables. In: ACM-CCS, pp. 437\u2013448. ACM (2008)","DOI":"10.1145\/1455770.1455826"},{"key":"1_CR61","doi-asserted-by":"crossref","unstructured":"Peikert, C.: Public-key cryptosystems from the worst-case shortest vectorproblem: extended abstract. In: STOC, pp. 333\u2013342. ACM (2009)","DOI":"10.1145\/1536414.1536461"},{"key":"1_CR62","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"554","DOI":"10.1007\/978-3-540-85174-5_31","volume-title":"Advances in Cryptology \u2013 CRYPTO 2008","author":"C Peikert","year":"2008","unstructured":"Peikert, C., Vaikuntanathan, V., Waters, B.: A framework for efficient and composable oblivious transfer. In: Wagner, D. (ed.) CRYPTO 2008. LNCS, vol. 5157, pp. 554\u2013571. Springer, Heidelberg (2008)"},{"key":"1_CR63","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"100","DOI":"10.1007\/978-3-642-00862-7_7","volume-title":"Topics in Cryptology \u2013 CT-RSA 2009","author":"M Prabhakaran","year":"2009","unstructured":"Prabhakaran, M., Xue, R.: Statistically hiding sets. In: Fischlin, M. (ed.) CT-RSA 2009. LNCS, vol. 5473, pp. 100\u2013116. Springer, Heidelberg (2009)"},{"key":"1_CR64","doi-asserted-by":"crossref","unstructured":"Regev, O.: On lattices, learning with errors, random linear codes, and cryptography. In: STOC, pp. 84\u201393. ACM (2005)","DOI":"10.1145\/1060590.1060603"},{"key":"1_CR65","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"552","DOI":"10.1007\/3-540-45682-1_32","volume-title":"Advances in Cryptology - ASIACRYPT 2001","author":"RL Rivest","year":"2001","unstructured":"Rivest, R.L., Shamir, A., Tauman, Y.: How to leak a secret. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, p. 552. Springer, Heidelberg (2001)"},{"key":"1_CR66","first-page":"543","volume":"1999","author":"A Sahai","year":"1999","unstructured":"Sahai, A.: Non-malleable non-interactive zero knowledge and adaptive chosen-ciphertext security. FOCS 1999, 543\u2013553 (1999)","journal-title":"FOCS"},{"issue":"6","key":"1_CR67","doi-asserted-by":"publisher","first-page":"1757","DOI":"10.1109\/18.556672","volume":"42","author":"J Stern","year":"1996","unstructured":"Stern, J.: A new paradigm for public key identification. IEEE Trans. Inf. Theor. 42(6), 1757\u20131768 (1996)","journal-title":"IEEE Trans. Inf. Theor."},{"key":"1_CR68","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"269","DOI":"10.1007\/978-3-540-40061-5_16","volume-title":"Advances in Cryptology - ASIACRYPT 2003","author":"G Tsudik","year":"2003","unstructured":"Tsudik, G., Xu, S.: Accumulating composites and improved group signing. In: Laih, C.-S. (ed.) ASIACRYPT 2003. LNCS, vol. 2894, pp. 269\u2013286. Springer, Heidelberg (2003)"},{"issue":"2","key":"1_CR69","doi-asserted-by":"publisher","first-page":"166","DOI":"10.1007\/s11390-008-9119-x","volume":"23","author":"R Xue","year":"2008","unstructured":"Xue, R., Li, N., Li, J.: Algebraic construction for zero-knowledge sets. J. Comput. Sci. Technol. 23(2), 166\u2013175 (2008)","journal-title":"J. Comput. Sci. Technol."}],"container-title":["Lecture Notes in Computer Science","Advances in Cryptology \u2013 EUROCRYPT 2016"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-662-49896-5_1","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,4,28]],"date-time":"2020-04-28T00:03:08Z","timestamp":1588032188000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-662-49896-5_1"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2016]]},"ISBN":["9783662498958","9783662498965"],"references-count":69,"URL":"https:\/\/doi.org\/10.1007\/978-3-662-49896-5_1","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2016]]},"assertion":[{"value":"28 April 2016","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"This content has been made available to all.","name":"free","label":"Free to read"}]}}