Publications
Publications by categories in reversed chronological order.
2026
- S&P
  Scalable Registration-Based Encryption from Lattices
  IACR Cryptol. ePrint Arch., 2026
Registration-Based Encryption (RBE) is a public-key encryption mechanism which allows a user to register their identity (e.g. email address) and self-generated public key with a key curator (e.g. an organisation). The key curator aggregates these keys into a compact digest. Using only this digest and the recipient’s identity, anyone can encrypt messages to any registered user. As the key curator is not entrusted with any secrets, RBE presents a solution to the key escrow problem, which impedes the adoption of Identity-Based Encryption. This makes RBE an attractive solution for secure communication with and among members of an organisation while preserving user privacy. Despite recent advances [Döttling-Kolonelos-Lai-Lin-Malavolta-Rahimi, EUROCRYPT’23; Fiore-Kolonelos-de-Perthuis, ASIACRYPT’23], practical constructions of RBE are still limited to a small number of registered users (e.g. 1024), lack post-quantum security, or have ciphertext sizes scaling in the order of GB. The predominant way towards constructing practical RBE is a generic transformation from Laconic Encryption (LE). In this work, we identify an efficiency bottleneck in this transformation and present a new primitive called Batched Laconic Encryption (BLE) which admits a more succinct transformation to RBE. Our resulting RBE scheme is the first post-quantum construction that simultaneously supports a large number of registered users and asymptotically outperforms all comparable RBE schemes. Concretely, for at most 2^30 registered users at 128-bit security, our scheme achieves a ciphertext size of 7 MB, improving on previously reported results by three orders of magnitude. We confirm our results through an open-source prototype implementation demonstrating that all algorithms execute within a few milliseconds. 
The post-quantum security of our construction is based on the standard Learning with Errors assumption, and our analysis enables several tweaks to significantly reduce ciphertext sizes in practical deployments.
@article{EPRINT:KLSS26,
  author = {Klooß, Michael and Lai, Russell W. F. and Siemer, Jan Niklas and Swarnakar, Monisha},
  title = {Scalable Registration-Based Encryption from Lattices},
  journal = {{IACR} Cryptol. {ePrint} Arch.},
  year = {2026},
  url = {https://eprint.iacr.org/2026/717},
  badges = {sp-available.svg|S&P - Artifacts Available, sp-functional.svg|S&P - Artifacts Functional, sp-reproduced.svg|S&P - Results reproduced}
}
- PKC
  Tight Reductions for SIS-with-Hints Assumptions with Applications to Anonymous Credentials
  Ngoc Khanh Nguyen and Jan Niklas Siemer
  IACR Cryptol. ePrint Arch., 2026
In this work, we investigate the landscape of emerging lattice-based assumptions tailored for anonymous credentials, focusing on variants of the Short Integer Solution (SIS) problem augmented with auxiliary hints. We provide a tight reduction from the Generalised ISIS_f (GenISIS_f) (Dubois et al., PKC 2025) assumption to its interactive variant IntGenISIS_f, enabling the construction of proof-friendly signature schemes without incurring the significant efficiency loss observed in prior works. In particular, our results directly apply to the anonymous credential scheme proposed by Bootle et al. (CRYPTO 2023), and circumvent the 4X blow-up in the credential size due to their security loss. We also identify families of functions f for which GenISIS_f is as hard as SIS, leading to the first (strongly) unforgeable standard-model signature scheme from SIS without relying on chameleon hash functions. Moreover, we analyse the “one-more”-type lattice assumptions, showing in particular that Randomised One-More-ISIS (Baldimtsi et al., ASIACRYPT 2024) is at least as hard as standard One-More-ISIS (Agrawal et al., ACM CCS 2022). Further, we inspect different, yet equivalent, variations of Randomised One-More-ISIS which could be of independent interest. Finally, we compare the structural properties of GenISIS_f and One-More-ISIS, highlighting both shared techniques and fundamental differences. We believe our results contribute to a clearer understanding of the assumptions underpinning efficient, lattice-based anonymous credential systems.
@article{EPRINT:NguSie26,
  author = {Nguyen, Ngoc Khanh and Siemer, Jan Niklas},
  title = {Tight Reductions for SIS-with-Hints Assumptions with Applications to Anonymous Credentials},
  journal = {{IACR} Cryptol. ePrint Arch.},
  year = {2026},
  url = {https://eprint.iacr.org/2026/291},
}
- Preprint
  qFALL - Rapid Prototyping of Lattice-based Cryptography
  IACR Cryptol. ePrint Arch., 2026
We introduce qFALL, an open-source library for rapid prototyping of lattice-based cryptography written in Rust. qFALL is designed to bridge the gap between theory and practice by offering a modular architecture that provides a theory-affine, flexible, high-level interface for mathematics and common algorithms in lattice-based constructions with representative runtime performance. This enables researchers to rapidly assemble minimal working prototypes that are easily auditable, modifiable, and allow users to assess algorithmic trade-offs as well as the viability of their constructions early in the development cycle. Furthermore, the library supports an incremental optimization workflow, allowing users to replace bottlenecks with optimized modules to evolve the codebase toward a fully optimized implementation. We demonstrate that qFALL allows for efficient assembly of auditable cryptographic constructions that approximate the performance of optimized implementations and serve as a reusable resource to the scientific community.
@article{EPRINT:BMPSS26,
  author = {Beckmann, Marvin and Milewski, Phil and Porzenheim, Laurens and Schmidt, Marcel Luca and Siemer, Jan Niklas},
  title = {qFALL - Rapid Prototyping of Lattice-based Cryptography},
  journal = {{IACR} Cryptol. ePrint Arch.},
  year = {2026},
  url = {https://eprint.iacr.org/2026/291},
}