International Association
for Cryptologic Research

In all of existing efficient proofs of knowledge of a solution to the Inhomogeneous Small Integer Solution ISIS problem, the knowledge extractor can only output a vector that is about $\\sqrt{n}$ times longer than the witness possessed by the prover. As a consequence, in many cryptographic schemes that use these proof systems as building blocks, there exists a gap between the hardness of solving the underlying ISIS problem and the hardness used in the security reductions. In this paper, we generalize Stern\'s protocol to obtain two statistical zero-knowledge proofs of knowledge for the ISIS problem (in the $l_\\infty$ norm) that remove this gap. Our result yields the potential of relying on weaker security assumptions for various lattice-based cryptographic constructions. As applications of our proof system, we introduce a concurrently secure identity-based identification scheme based on the worst-case hardness of the $\\mathrm{SIVP}_{\\widetilde{O}(n^{1.5})}$ problem (in the $l_2$ norm) in general lattices in the random oracle model, and an efficient statistical zero-knowledge proof of plaintext knowledge with small constant gap factor for Regev\'s encryption scheme.