Decreasing Proof Size of BLS Scheme

Bootle et al. in CRYPTO 2019 proposed a zero knowledge proof for an ISISm,n,q,beta instance A (s) over right arrow= (u) over right arrow mod q with parallel to(s) over right arrow parallel to(infinity) <= beta (BLS scheme). It was implemented by transforming the instance into the form A '(s) over right arrow'= (u) over right arrow mod q, where the coefficients of (s) over right arrow are in {0, 1, 2}, and proved the latter in an exact way. With the concrete parameters m = 1024, n = 2048, beta = 1, q approximate to 2(32), their proof is of length 384.03KB. In this paper, we decrease the proof size of BLS scheme by two techniques. The first one takes effect on some special parameters. For these parameters, using the binary basic set instead of the ternary one results in a shorter proof. The second one deals with the repetition of the lower half in BLS scheme. Observing that what the lower half proves is of form B (r) over right arrow= (t) over right arrow with a short vector (r) over right arrow of polynomials, a variant of parallel repetition can be used to shorten the proof size. Combining these two techniques together, the proof size of the above-mentioned instance can be reduced to 220.01KB, only 57.3% of BLS scheme.