The Fiat-Shamir transformation is a useful approach to building non-interactive arguments (of knowledge) in the random oracle model. Unfortunately, existing proof techniques are incapable of proving the security of Fiat-Shamir in the quantum setting. The problem stems from (1) the diffculty of quantum rewinding, and (2) the inability of current techniques to adaptively program random oracles in the quantum setting. In this talk, I will talk about how to overcome the limitations above in many settings. And as an application, I will show existing lattice signatures based on Fiat-Shamir are secure without any modifications.
2019-09-23 14:00 ~ 15:00
Qipeng Liu, Princeton University
Room 602, School of Information Management & Engineering, Shanghai University of Finance & Economics