Skip to main content

17 July 2023 - Peter Scholl


Peter Scholl



ZK Proofs From VOLE-in-the-Head, and the FAEST Post-Quantum Signature Scheme



In this talk, I will give an overview of the VOLE-in-the-head paradigm for building efficient zero-knowledge proofs, and its application to the FAEST post-quantum signature scheme. Vector oblivious linear evaluation, or VOLE, is a recent approach for building zero-knowledge proofs in the designated-verifier setting, featuring a low computational overhead for the prover. VOLE-in-the-head is a general technique for upgrading VOLE-based protocols to support public verifiability, which is based on a compiler that transforms a certain class of ZK protocols into public-coin protocols. The resulting ZK proofs have linear proof size, and are simpler, smaller and faster than related approaches based on MPC-in-the-head.

FAEST is a post-quantum signature scheme, where a signature consists of a VOLE-in-the-head proof of knowledge of an AES key. Compared with the hash-based signature scheme SPHINCS+, FAEST has slower verification, but smaller signatures and signing around an order of magnitude faster.

Based on joint work with Carsten Baum, Lennart Braun, Cyprien Delpech de Saint Guilhem, Michael Klooß, Christian Majenz, Shibam Mukherjee, Emmanuela Orsini, Sebastian Ramacher, Christian Rechberger and Lawrence Roy.



Peter Scholl is an Associate Professor in the Cryptography Group at Aarhus University. His research is mainly focused on secure computation, particularly designing general-purpose protocols for multi-party computation, as well as related tools like oblivious transfer, homomorphic secret sharing and zero-knowledge proofs.