Efficient Multi-Signature Scheme Using Lattice

With the help of a multi-signature scheme, we can reduce the cost of storage and bandwidth in case of many signers signing the same message. Therefore, multi-signature schemes can be used in bitcoin to reduce the size of a blockchain. In this paper, we propose a lattice-based multi-signature scheme with the following highlighted features. Our lattice-based multi-signature scheme supports signature compression and public key aggregation. The only existing lattice-based multi-signature scheme by Kansal and Dutta (Africacrypt, 2020) that supports both signature compression and public key aggregation has communication and storage cost (O) over tilde (n(2)), whereas our communication and storage cost O(n). Our multi-signature scheme is in the plain public key model where the special registration of the public key is not necessary and it is secure under the rogue key attack. Our multi-signature scheme is secure under the hardness of ring short integer solution problem in the random oracle model.