--- author: - Sándor Kiss and Bence Ladóczki date: March 2025 title: Fast Signature Aggregation Protocol for Single Slot Finality --- # Project Abstract Ethereum Proof-of-Stake relies heavily on BLS signature aggregation to support a large number of economic participants (validators) in the consensus. [We're interested](https://eprint.iacr.org/2025/055.pdf) in efficient and practical methods that are secure under the existence of a quantum adversary. Digital signatures are fundamental to the functioning of cryptocurrencies. A crypto asset is owned by someone who knows the corresponding secret key. They serve to verify that a transaction has been initiated by someone possessing the secret key associated with a crypto asset. In a broad sense, digital signatures are nothing but non-interactive zero-knowledge proofs (NIZKs). They are digital data provided by a prover (who initiates the transaction) that demonstrates to others (the verifiers) the prover's knowledge of a secret key. Crucially, this is done without revealing any information beyond the fact that the prover possesses this knowledge. The security of the applied cryptographic schemes relies on complexity theory assumptions and although these theories have stood the test of time so far, new cryptographic schemes appear every once in a while, promising properties that are more favorable than the previous ones. These days, most of the chains rely on the discrete logarithmic problem (DLP) over the elliptic curve called secp256k1 (e.g., bitcoin, ethereum) in a finite field as the algorithmic problem. Alternatively, the DLP over the elliptic curve called edward25519 is used in monero (XMR). Note that not all blockchains use the DLP over elliptic curves for their public -- secret keys pair generation; arweave uses RSA for example. In our terminology, it would be discrete division.} in elliptic curves is believed to be hard to solve. In fact, the computational complexity of the problem is only in NP $\cap$ co-NP. For post quantum cryptography we need an NP-hard problem. **Post-quantum signature ML-DSA** In August 2024, NIST officially standardized Module-Lattice-Based Digital Signature Algorithm (ML-DSA), establishing it as the primary standard (FIPS 204) for quantum-resistant digital signatures. It was originally named CRYSTALS-Dilithium, and relies on standard lattice assumptions, namely Module Learning With Errors (M-LWE) and Module Short Integer Solution (M-SIS). Since the one-way function is defined using matrix multiplication with matrix A, it inherently loses information by projecting a higher-dimensional space onto a lower-dimensional subspace. This loss of information makes the function difficult to invert. The hardness is a consequence of M-SIS and M-LWE, which are. For the lattice based one-way functions generating a proper random number is a bit more complex than for ECC. It can be done by employing the rejection sampling technique # Objectives Discuss the basic mathematical tools used in BLS signature schemes. The BLS signature algorithm makes use of two homomorphic one-way functions. Requirement 1 (One-Way Function): There exists no PPT (probabilistic polynomial-time) algorithm that efficiently computes the inverse of f1(). Requirement 2 (Homomorphic): There exist an efficient algorithm ⊕ such that Requirement 3 (Computational Diffie-Hellman (CDH) Assumption) Requirement 4 (Decision Diffie-Hellman (DDH)): Requirement 5 (Hash to Group Element): # Outcomes # Grant Scope ## Task 1: ## Task 2: ## Task 3: ## Task 4: # Project Team # Background **János Kiss** I am a number theorist but I also interested in analysis, combinatorics and probability theory. 2014 -: Assistant Professor, Budapest University of Technology and Economics 2011 - 2014: Research Fellow, Budapest University of Technology and Economics 2010 - 2011: Junior Research Fellow, Computer and Automation Research Institute of the Hungarian Academy of Sciences **Bence Ladóczki** I graduated from Budapest University of Technology and Economics as an electrical engineer in 2014, then moved to Kobe, Japan for MSc studies through the MEXT scholarship. During my undergraduate years, I joined Prof. Mihaly Kallay’s research group, where we published our first paper in 2013 on a linear scaling CCSD(T) algorithm. Later, I worked with Prof. Tenno Seiichiro in Japan, contributing to the Gellan quantum chemistry program. In my PhD, I published two articles on stochastic approaches to the electronic many-body problem, implementing quantum Monte Carlo methods on high-performance clusters, including the K computer. I received my PhD in 2020 and returned to Hungary to join Prof. Janos Tapolcai’s research group, focusing on blockchain and ultra-low latency communication solutions in collaboration with Ericsson Hungary. I also continued publishing with international peers, including articles on blockchains and deep learning. # Methodology **Task 1:** **Task 2:** **Task 3:** **Task 4:** **Dissemination Task:** # Timeline # Budget