On Provably Secure Code-based Signature and Signcryption Scheme
Sachin Vasanteprint.iacr.org
Sign up for access to the world's latest research
checkGet notified about relevant papers
checkSave papers to use in your research
checkJoin the discussion with peers
checkTrack your impact
Abstract
Signcryption is a cryptographic protocol that provides authentication and confidentiality as a single primitive at a cost lower than the combined cost of sign and encryption. Due to the improved efficiency, signcryption schemes have found significant applications in areas related to E-commerce. Shor's algorithm poses a threat to number-theoretic algorithms, as it can solve the number-theoretic hard problems in polynomial time using quantum computers. Therefore, code-based cryptography offers an exciting alternative to number-theoretic cryptography, as it is not only resistant to quantum algorithms, but also, the base operation (matrix-vector multiplication) is far less computationally intensive compared to the modular exponentiation required in number-theoretic schemes. Courtois, Finiasz and Sendrier proposed the only practical code-based signature(CFS signature) . It can be used to realise many cryptographic primitives. But the signature is currently not provably secure due to the existence of the high rate distinguisher . In this paper, we make use of an alternate key-construct for the CFS signature, and thus prove its existential unforgeability under chosen message attacks (EUF-CMA). Also, we propose a code-based signcryption scheme and proved its security. To the best of our knowledge, this is the first code-based, provably secure signature and signcryption scheme in literature.
Related papers
Analysis of code-based digital signature schemes
International Journal of Electrical and Computer Engineering (IJECE), 2023
Digital signatures are in high demand because they allow authentication and non-repudiation. Existing digital signature systems, such as digital signature algorithm (DSA), elliptic curve digital signature algorithm (ECDSA), and others, are based on number theory problems such as discrete logarithmic problems and integer factorization problems. These recently used digital signatures are not secure with quantum computers. To protect against quantum computer attacks, many researchers propose digital signature schemes based on error-correcting codes such as linear, Goppa, polar, and so on. We studied 16 distinct papers based on various error-correcting codes and analyzed their various features such as signing and verification efficiency, signature size, public key size, and security against multiple attacks.
Evaluation of Code-based Signature Schemes
IACR Cryptol. ePrint Arch., 2019
Code-based cryptographic schemes recently raised to prominence as quantum-safe alternatives to the currently employed numbertheoretic constructions, which do not resist quantum attacks. In this article, we discuss the Courtois-Finiasz-Sendrier signature scheme and derive code-based signature schemes using the Fiat-Shamir transformation from code-based zero-knowledge identification schemes, namely the Stern scheme, the Jain-Krenn-Pietrzak-Tentes scheme, and the CayrelVeron-El Yousfi scheme. We analyze the security of these code-based signature schemes and derive the security parameters to achieve the 80bit and 128-bit level of classical security. To derive the secure parameters, we have studied the hardness of Syndrome Decoding Problem. Furthermore, we implement the signature schemes, based on the Fiat-Shamir transform, which were mentioned above, and compare their performance on a PC.
Post-quantum Cryptography: Code-Based Signatures
Advances in Computer Science and Information …, 2010
This survey provides a comparative overview of code-based signature schemes with respect to security and performance. Furthermore, we explicitly describe serveral code-based signature schemes with additional properties such as identity-based, threshold ring and blind signatures.
A new code-based public-key cryptosystem resistant to quantum computer attacks
Journal of Physics: Conference Series, 2019
We propose a new type of public-key cryptosystems (PKC) which is based on repetition of different error-correcting codes. We give a brief analysis of some well known attacks on code-based PKC, including structural ones and show that the scheme could be used as a perspective post-quantum PKC.
Recent Progress in Code-Based Cryptography
Communications in Computer and Information Science, 2011
The last three years have witnessed tremendous progress in the understanding of code-based cryptography. One of its most promising applications is the design of cryptographic schemes with exceptionally strong security guarantees and other desirable properties. In contrast to number-theoretic problems typically used in cryptography, the underlying problems have so far resisted subexponential time attacks as well as quantum algorithms. This paper will survey the more recent developments.
A SOLUTION FOR CONSTRUCTING QUANTUM - RESISTANT DIGITAL SIGNATURE SCHEMES
Journal of Military Science and Technology, ISSN: 1859-1043, 2024
In this article, the authors propose a solution for constructing quantum -resistant digital signature schemes based on a new type of hard problem, which belongs to the group of unsolvable problems. Therefore, the algorithms constructed according to the solution proposed here can be resistant to quantum attacks based on the quantum algorithm proposed by P. Shor. In addition to quantum resistance, the signature schemes proposed here can also be used as pre-quantum digital signature schemes (RSA, DSA, etc.) that are widely used in current practical applications.
Code-based Post-Quantum Cryptography
2021
Cryptography has been used from time immemorial for preserving the confidentiality of 1 data/information in storage or in transit. Thus, cryptography research has also been evolving from 2 the classical Caesar cipher to the modern cryptosystems based on modular arithmetic to the con3 temporary cryptosystems based on quantum computing. The emergence of quantum computing 4 imposes a major threat on the modern cryptosystems based on modular arithmetic whereby, even 5 the computationally hard problems which constitute for the strength of the modular arithmetic 6 ciphers could be solved in deterministic time. This threat triggered post-quantum cryptography 7 research in order to design and develop post-quantum algorithms that can withstand quantum 8 computing attacks. This paper provides a review of the various post-quantum cryptography and, 9 in specific, code-based cryptography research dimensions. The research directions that are yet to 10 be explored in code-based cryptography resear...
Improved Secure Implementation of Code-Based Signature Schemes on Embedded Devices
Amongst areas of cryptographic research, there has recently been a widening interest for code-based cryptosystems and their implementations. Besides the a priori resistance to quantum computer attacks, they represent a real alternative to the currently used cryptographic schemes. In this paper we consider the implementation of the Stern authentication scheme and one recent variation of this scheme by Aguilar et al.. These two schemes allow public authentication and public signature with public and private keys of only a few hundreds bits. The contributions of this paper are twofold: first, we describe how to implement a code-based signature in a constrained device through the Fiat-Shamir paradigm, in particular we show how to deal with long signatures. Second, we implement and explain new improvements for code-based zero-knowledge signature schemes. We describe implementations for these signature and authentication schemes, secured against side channel attacks, which drastically improve the previous implementation presented at Cardis 2008 by Cayrel et al.. We obtain a factor 3 reduction of speed and a factor of about 2 for the length of the signature. We also provide an extensive comparison with RSA signatures.
A code based hybrid signcryption scheme
2021
A key encapsulation mechanism (KEM) that takes as input an arbitrary string, i.e., a tag, is known as tag-KEM, while a scheme that combines signature and encryption is called signcryption. In this paper, we present a code-based signcryption tag-KEM scheme. We utilize a code-based signature and a CCA2 (adaptive chosen ciphertext attack) secure version of McEliece's {encryption} scheme. The proposed scheme uses an equivalent subcode as a public code for the receiver, making the NP-completeness of the equivalent subcode problem be one of our main security assumptions. We then base the signcryption tag-KEM to design a code-based hybrid signcryption scheme. A hybrid scheme deploys an asymmetric- as well as a symmetric-key encryption. We give security analyses of both our schemes in the standard model and prove that they are secure against IND-CCA2 (indistinguishability under adaptive chosen ciphertext attack) and SUF-CMA (strong existential unforgeability under chosen message attack).
A code-based group signature scheme
Designs, Codes and Cryptography, 2016
In this work we propose the first code-based group signature. As it will be described below, its security is based on a relaxation of the model of Bellare, Shi and Zhang [3] (BSZ model) verifying the properties of anonymity, traceability and non-frameability. Furthermore, it has numerous advantages over all existing post-quantum constructions and even competes (in terms of properties) with pairing based constructions: it allows to dynamically add new members and signature and public key sizes are constant with respect to the number of group members. Last but not least, our scheme can be extended into a traceable signature according to the definition of Kiayias, Tsiounis and Yung [19] (KTY model) and handles membership revocation. The main idea of our scheme consists in building a collision of two syndromes associated to two different matrices: a random one which enables to build a random syndrome from a chosen small weight vector; and a trapdoor matrix for the syndrome decoding problem, which permits to find a small weight preimage of the previous random syndrome. These two small weight vectors will constitute the group member's secret signing key whose knowledge will be proved thanks to a variation of Stern's authentication protocol. For applications, we consider the case of the code-based CFS signature scheme [11] of Courtois, Finiasz and Sendrier.
Walnutdsa: A Quantum-Resistant Digital Signature Algorithm
2017
In 2005 I. Anshel, M. Anshel, D. Goldfeld, and S. Lemieux introduced E-Multiplication, a quantum-resistant, group-theoretic, one-way function which can be used as a basis for many different cryptographic applications. To date, all analysis and attacks on E-Multiplication have been exponential in their runtime and all have been readily addressed and defeated. This paper introduces WalnutDSA, a new E-Multiplication-based public-key digital signature method that provides very efficient verification, allowing low-powered and constrained devices to quickly and inexpensively validate digital signatures (e.g., a certificate or authentication). This paper presents an in-depth discussion of the construction of the digital signature algorithm, analyzes the security of the scheme, provides a proof of security under EUF-CMA, and discusses the practical results from implementations on several constrained devices. With the implementation of parameters that defeat all known attacks, WalnutDSA is c...
Security Analysis and Efficient Implementation of Code-based Signature Schemes
Proceedings of the 5th International Conference on Information Systems Security and Privacy, 2019
In this paper, we derive code-based signature schemes using Fiat-Shamir transformation on code-based zeroknowledge identification schemes, namely the Stern scheme, the Jain-Krenn-Pietrzak-Tentes scheme, and the Cayrel-Veron-El Yousfi scheme. We analyze the security of these code-based signature schemes and derive the security parameters to achieve the 128-bit level security. Furthermore, we implement these signature schemes and compare their performance on a PC.
Cryptanalysis of a code-based full-time signature
arXiv (Cornell University), 2020
We present an attack against a code-based signature scheme based on the Lyubashevsky protocol that was recently proposed by Song, Huang, Mu, Wu and Wang (SHMWW). The private key in the SHMWW scheme contains columns coming in part from an identity matrix and in part from a random matrix. The existence of two types of columns leads to a strong bias in the distribution of set bits in produced signatures. Our attack exploits such a bias to recover the private key from a bunch of collected signatures. We provide a theoretical analysis of the attack along with experimental evaluations, and we show that as few as 10 signatures are enough to be collected for successfully recovering the private key. As for previous attempts of adapting Lyubashevsky's protocol to the case of code-based cryptography, the SHMWW scheme is thus proved unable to provide acceptable security. This confirms that devising secure code-based signature schemes with efficiency comparable to that of other post-quantum solutions (e.g., based on lattices) is still a challenging task.
Post-Quantum and Code-Based Cryptography—Some Prospective Research Directions
Cryptography
Cryptography has been used from time immemorial for preserving the confidentiality of data/information in storage or transit. Thus, cryptography research has also been evolving from the classical Caesar cipher to the modern cryptosystems, based on modular arithmetic to the contemporary cryptosystems based on quantum computing. The emergence of quantum computing poses a major threat to the modern cryptosystems based on modular arithmetic, whereby even the computationally hard problems which constitute the strength of the modular arithmetic ciphers could be solved in polynomial time. This threat triggered post-quantum cryptography research to design and develop post-quantum algorithms that can withstand quantum computing attacks. This paper provides an overview of the various research directions that have been explored in post-quantum cryptography and, specifically, the various code-based cryptography research dimensions that have been explored. Some potential research directions that...
Security Analysis of One Quantum Digital Signature Scheme
2009 Sixth International Conference on Information Technology: New Generations, 2009
We point out that the quantum digital signature scheme proposed in ICACT 2005 has three problems. According to the original description of the scheme, we find: (1) the quantum one-way function is not specified clearly; (2) the signer Alice does not use her private key in the signing process; (3) both the signing and the verification can not work well.
Review Unconditionally Secure Quantum Signatures
2016
Signature schemes, proposed in 1976 by Diffie and Hellman, have become ubiquitous across modern communications. They allow for the exchange of messages from one sender to multiple recipients, with the guarantees that messages cannot be forged or tampered with and that messages also can be forwarded from one recipient to another without compromising their validity. Signatures are different from, but no less important than encryption, which ensures the privacy of a message. Commonly used signature protocols-signatures based on the Rivest-Adleman-Shamir (RSA) algorithm, the digital signature algorithm (DSA), and the elliptic curve digital signature algorithm (ECDSA)-are only computationally secure, similar to public key encryption methods. In fact, since these rely on the difficulty of finding discrete logarithms or factoring large primes, it is known that they will become completely insecure with the emergence of quantum computers. We may therefore see a shift towards signature protocols that will remain secure even in a post-quantum world. Ideally, such schemes would provide unconditional or information-theoretic security. In this paper, we aim to provide an accessible and comprehensive review of existing unconditionally securesecure signature schemes for signing classical messages, with a focus on unconditionally secure quantum signature schemes.
13 Efficient arbitrated quantum signature and its proof of security.pdf
In this paper, an efficient arbitrated quantum signature scheme is proposed by combining quantum cryptographic techniques and some ideas in classical cryptography. In the presented scheme, the signatory and the receiver can share a long-term secret key with the arbitrator by utilizing the key together with a random number. While in previous quantum signature schemes, the key shared between the signatory and the arbitrator or between the receiver and the arbitrator could be used only once, and thus each time when a signatory needs to sign, the signatory and the receiver have to obtain a new key shared with the arbitrator through a quantum key distribution protocol. Detailed theoretical analysis shows that the proposed scheme is efficient and provably secure.
Unconditionally Secure Quantum Signatures
Entropy, 2015
Signature schemes, proposed in 1976 by Diffie and Hellman, have become ubiquitous across modern communications. They allow for the exchange of messages from one sender to multiple recipients, with the guarantees that messages cannot be forged or tampered with and that messages also can be forwarded from one recipient to another without compromising their validity. Signatures are different from, but no less important than encryption, which ensures the privacy of a message. Commonly used signature protocols-signatures based on the Rivest-Adleman-Shamir (RSA) algorithm, the digital signature algorithm (DSA), and the elliptic curve digital signature algorithm (ECDSA)-are only computationally secure, similar to public key encryption methods. In fact, since these rely on the difficulty of finding discrete logarithms or factoring large primes, it is known that they will become completely insecure with the emergence of quantum computers. We may therefore see a shift towards signature protocols that will remain secure even in a post-quantum world. Ideally, such schemes would provide unconditional or information-theoretic security. In this paper, we aim to provide an accessible and comprehensive review of existing unconditionally securesecure signature schemes for signing classical messages, with a focus on unconditionally secure quantum signature schemes.
Contemporary Cryptography and Arguments for Classical Cryptography's Endurance alongside the Propitious Quantum Cryptography
2010
Is the newly born quantum cryptography the ultimate solution for information security? A technique needs to be both theoretically strong and practically viable. But quantum cryptography comes to naught in the latter. We present here some of the quantum"s theoretical weaknesses like lack of digital signatures (or any algorithm) along with its many real time implementation problems. We further pursue with the discussion about the potency of classical cryptography and its splendid capabilities in providing security.
Quantum Cryptography: A Survey
Advances in Intelligent Systems and Computing, 2019
This paper represents the overview of Quantum Cryptography. Cryptography is the art of secrecy and it is the use of quantum mechanical properties to perform cryptographic tasks. It is a way of securing the channel using quantum mechanics properties. There are so many examples of quantum cryptography but the most important example is Quantum Key Distribution, which provides a solution to the breaking of various popular public key encryption and signature schemes (e.g. RSA and ElGamal). This helps to solve the security problems and also makes the communication channel is more secure. There are so many advantages of quantum cryptography, one thing is that the quantum computer gives the quadratic speed up on the general problems and second thing is that the quantum cryptography lies in the fact it allows the completion of various cryptographic tasks. That is proven to be impossible using classical communication.
Loading Preview
Sorry, preview is currently unavailable. You can download the paper by clicking the button above.