Authenticated Garbling from Compressed Randomness

This is a Crypto 2022 paper that describes how to construct authenticated garbled circuits using correlations that admit efficient PCGs (e.g., MT, VOLE). Using the AGC, we can run actively secure 2PC afterwards. This work inspired us to conduct a follow-up work, Authenticated Garbling From Correlated OT. Here are the slides I have prepared: Slides.

Digital Signature from Regular Syndrome Decoding and VOLEitH

This is a project that runs in the Lattice lab, starting from Dalao Hanlin, who first envisioned the possibility of substituting LWE-based cryptography with LPN (spoiler alert: we currently do not know how to achieve this goal). A significant goal is to construct a digital signature à la Dilithium, at least in terms of performance. Alas, the Fiat-Shamir with Abort technique does not work directly with LPN, although some folks have come up with variants of the LPN assumption to accommodate this technique (e....

Efficient Random Vector Commitment from AES

Since random vector commitment is used extensively in MPCitH and VOLEitH applications, some of which are post-quantum signatures, which are efficiency-sensitive (e.g., TLS needs fast authentication for a smooth browsing experience), it is a natural question to optimize this component. One possible way to do this is to replace the cryptographic hash function invocation at the bottom layer of the GGM tree with AES-based hash functions, which are relatively lightweight when the key is fixed....

Fully Linear PCP

This is a Crypto 2019 paper by Boneh et al. In this paper the authors utilize the fact that the verifier can only make linear queries to the instance string and the PCP/IOP proof string in order to make a decision. Building on this property, we can design proof systems that allow proving statements that are shared among multiple verifiers. This proof system in particular appears useful for the GMW transformation, which is the topic of another talk....

My first talk

My first talk is about memory-hard functions, but they are kind of lost.

PCG for Boolean Beaver Triples

Generating Boolean Beaver triples has always been an intriguing problem. On one hand, Overdrive-type FHE-based solutions offer asymptotically good solutions, and for suitable field sizes their concrete efficiency is also considered state-of-the-art. On the other hand, the current best practice for generating authenticated Boolean Beaver triples remains MASCOT-type COT-based protocols, which have communication of \(O(N^2 m)\) for generating \(m\) triples among \(N\) parties. I guess this is a follow-up of Ring-LPN Talk....

PCG for Garbled Circuit Correlations

This is a Eurocrypt 2023 submission that describes the application of EA-LPN in constructing PCFs for garbled circuit correlations. They also present three applications of their construction, albeit not very convincing in their practical value. I gave a talk about this paper and also discussed its merits at <2024-02-27 Tue>. Here is the ipe source.

Ring-LPN PCG

The \( n^2 \) computational overhead of PCGs for the OLE/MT correlation has long been a problem, and only recently have we come up with some creative solutions (for authenticated triples over \( \mathbb{F}_2 \)). This is a Crypto 2020 paper that shows how to create such a correlation over \( \mathbb{F}_{2^{\rho}} \) using Ring-LPN. I recall giving talks about this construction on various occasions, but the details have been lost now....

Sublinear GMW

This is a follow-up work to Fully Linear PCP.

LATTICE group meeting at <2021-10-27 Wed>: Slides

Meeting with Huawei at <2021-11-18 Thu>: Slides