Academia.eduAcademia.edu

Outline

Title
Abstract
Introduction
Summary and Evaluation
Conclusion
Future Work
References
All Topics
Computer Science
Cryptography

Practical Lattice-Based Digital Signature Schemes

Profile image of Maire O'NeillMaire O'Neill

2015, ACM Transactions on Embedded Computing Systems

https://doi.org/10.1145/2724713
visibility

description

26 pages

link

1 file

Abstract

Digital signatures are an important primitive for building secure systems and are used in most real-world security protocols. However, almost all popular signature schemes are either based on the factoring assumption (RSA) or the hardness of the discrete logarithm problem (DSA/ECDSA). In the case of classical cryptanalytic advances or progress on the development of quantum computers, the hardness of these closely related problems might be seriously weakened. A potential alternative approach is the construction of signature schemes based on the hardness of certain lattice problems that are assumed to be intractable by quantum computers. Due to significant research advancements in recent years, lattice-based schemes have now become practical and appear to be a very viable alternative to number-theoretic cryptography. In this article, we focus on recent developments and the current state of the art in lattice-based digital signatures and provide a comprehensive survey discussing signat...

Related papers

A Lightweight Post-Quantum Lattice-Based RSA for Secure Communications
Sheraz Aslam

IEEE Access

Conventional RSA algorithm, being a basis for several proposed cryptosystems, has remarkable security laps with respect to confidentiality and integrity over the internet which can be compromised by state-of-the-art attacks, especially, for different types of data generation, transmission, and analysis by IoT applications. This security threat hindrance is considered to be a hard problem to solve on classical computers. However, bringing quantum mechanics into account, the concept no longer holds true. So, this calls out for the modification of the conventional pre-quantum RSA algorithm into a secure post-quantum cryptographic-based RSA technique. In this research, we propose a post-quantum lattice-based RSA (LB-RSA) for IoT-based cloud applications to secure the shared data and information. The proposed work is validated by implementing it in 60-dimensions. The key size is about 1.152 × 10 5 -bits and generation time is 0.8 hours. Furthermore, it has been tested with AVISPA, which confirms security in the presence of an intruder. Moreover, the proposed LB-RSA technique is compared with the existing state-of-the-art techniques. The empirical results advocate that the proposed lattice-based variant is not only safe but beats counterparts in terms of secured data sharing.

View PDFchevron_right
Exploiting Determinism in Lattice-based Signatures
Prasanna Ravi

Proceedings of the 2019 ACM Asia Conference on Computer and Communications Security

In this paper, we analyze the implementation level fault vulnerabilities of deterministic lattice-based signature schemes. In particular, we extend the practicality of skip-addition fault attacks through exploitation of determinism in certain variants of Dilithium (Deterministic variant) and qTESLA signature scheme (originally submitted deterministic version), which are two leading candidates for the NIST standardization of post-quantum cryptography. We show that single targeted faults injected in the signing procedure allow to recover an important portion of the secret key. Though faults injected in the signing procedure do not recover all the secret key elements, we propose a novel forgery algorithm that allows the attacker to sign any given message with only the extracted portion of the secret key. We perform experimental validation of our attack using Electromagnetic fault injection on reference implementations taken from the pqm4 library, a benchmarking and testing framework for post quantum cryptographic implementations for the ARM Cortex-M4 microcontroller. We also show that our attacks break two well known countermeasures known to protect against skip-addition fault attacks. We further propose an efficient mitigation strategy against our attack that exponentially increases the attacker's complexity at almost zero increase in computational complexity. CCS CONCEPTS • Security and privacy → Digital signatures; Hardware attacks and countermeasures; Side-channel analysis and countermeasures; Embedded systems security.

View PDFchevron_right
Efficient lattice-based signature scheme
Willy Susilo

International Journal of Applied Cryptography, 2008

In Crypto 1997, Goldreich, Goldwasser and Halevi (GGH) proposed a lattice analogue of McEliece public key cryptosystem, in which security is related to the hardness of approximating the Closest Vector Problem in a lattice. Furthermore, they also described how to use the same principle of their encryption scheme to provide a signature scheme. Practically, this cryptosystem uses the Euclidean norm, l 2 -norm, which has been used in many algorithms based on lattice theory. Nonetheless, many drawbacks have been studied and these could lead to cryptanalysis of the scheme. In this article, we present a novel method of reducing a vector under the l -norm and propose a digital signature scheme based on it. Our scheme takes advantage of the l -norm to increase the resistance of the GGH scheme and to decrease the signature length. Furthermore, after some other improvements, we obtain a very efficient signature scheme, that trades the security level, speed and space.

View PDFchevron_right
Lattice-Based Revocable Certificateless Signature
Yuh-Min Tseng

Symmetry

Certificateless signatures (CLS) are noticeable because they may resolve the key escrow problem in ID-based signatures and break away the management problem regarding certificate in conventional signatures. However, the security of the mostly previous CLS schemes relies on the difficulty of solving discrete logarithm or large integer factorization problems. These two problems would be solved by quantum computers in the future so that the signature schemes based on them will also become insecure. For post-quantum cryptography, lattice-based cryptography is significant due to its efficiency and security. However, no study on addressing the revocation problem in the existing lattice-based CLS schemes is presented. In this paper, we focus on the revocation issue and present the first revocable CLS (RCLS) scheme over lattices. Based on the short integer solution (SIS) assumption over lattices, the proposed lattice-based RCLS scheme is shown to be existential unforgeability against adaptive chosen message attacks. By performance analysis and comparisons, the proposed lattice-based RCLS scheme is better than the previously proposed lattice-based CLS scheme, in terms of private key size, signature length and the revocation mechanism.

View PDFchevron_right
High-Speed Signatures from Standard Lattices
Ana Isabel Rospigliosi Sánchez

Lecture Notes in Computer Science, 2015

At CT-RSA 2014 Bai and Galbraith proposed a lattice-based signature scheme optimized for short signatures and with a security reduction to hard standard lattice problems. In this work we first refine the security analysis of the original work and propose a new 128-bit secure parameter set chosen for software efficiency. Moreover, we increase the acceptance probability of the signing algorithm through an improved rejection condition on the secret keys. Our software implementation targeting Intel CPUs with AVX/AVX2 and ARM CPUs with NEON vector instructions shows that even though we do not rely on ideal lattices, we are able to achieve high performance. For this we optimize the matrixvector operations and several other aspects of the scheme and finally compare our work with the state of the art.

View PDFchevron_right
A Survey of Lattice Attack on Digital Signature Algorithm
Bholanath Roy

SSRN Electronic Journal, 2018

Lattice-based cryptography is the use of conjectured hard problems on point lattices in 𝑹 𝒏 as the foundation for secure cryptographic systems. The Digital Signature Algorithm (DSA) computes a modular exponentiation with a per-message ephemeral secret. This involves a sequence of modulo square and multiply operations which, if known, leaks few bits of per-message ephemeral secret key which can be used in lattice based attack to obtain the DSA private key. This work surveys most of the major developments in lattice based attack on DSA with their pros and cons.

View PDFchevron_right
A NEW TYPE OF POST - QUANTUM DIGITAL SIGNATURE SCHEME
Lưu Hồng Dũng

Journal of Science and Technique, ISSN 1859 - 0209., 2025

In this paper, the authors propose a new type of post-quantum digital signature scheme based on hard problems, which belongs to the group of unsolvable problems that currently have no solution. Therefore, this type of digital signature scheme can be resistant to quantum attacks based on the quantum algorithm proposed by P. Shor. In addition to quantum resistance, the type of signature scheme proposed here can also be used as pre-quantum digital signature schemes that are widely used in current practical applications. Index terms Digital signature scheme; post-quantum digital signature scheme; quantum-resistant digital signature scheme; discrete logarithm problem; new hard problem.

View PDFchevron_right
A Post-Quantum Digital Signature Using Verkle Trees and Lattices
Tamar Kuchukhidze

Symmetry, 2023

Research on quantum computers has advanced significantly in recent years. If humanity ever creates an effective quantum computer, many of the present public key cryptosystems can be compromised. These cryptosystems are currently found in many commercial products. We have devised solutions that seem to protect us from quantum attacks, but they are unsafe and inefficient for use in everyday life. In the paper, hash-based digital signature techniques are analyzed. A Merkle-tree-based digital signature is assessed. Using a Verkle tree and vector commitments, the paper explores novel ideas. The authors of this article present a unique technology for developing a post-quantum digital signature system using state-of-the-art Verkle tree technology. A Verkle tree, vector commitments, and vector commitments based on lattices for post-quantum features are used for this purpose. The concepts of post-quantum signature design utilizing a Verkle tree are also provided in the paper.

View PDFchevron_right
Modular lattice signatures, revisited
William Whyte

Designs, Codes and Cryptography, 2019

In this paper we revisit the modular lattice signature scheme and its efficient instantiation known as pqNTRUSign. First, we show that a modular lattice signature scheme can be based on a standard lattice problem. The fundamental problem that needs to be solved by the signer or a potential forger is recovering a lattice vector with a restricted norm, given the least significant bits. We show that this problem is equivalent to the short integer solution (SIS) problem over the corresponding lattice. In addition, we show that by replacing the uniform sampling in pqN-TRUSign with a bimodal Gaussian sampling, we can further reduce the size of a signature. An important new contribution, enabled by this Gaussian sampling version of pqNTRUSign, is that we can now perform batch verification of messages signed by the same public key, which allows the verifier to check approximately 24 signatures in a single verification process.

View PDFchevron_right
Post-Quantum Lattice-Based Cryptography Implementations
Rosario Cammarota

ACM Computing Surveys, 2019

The advent of quantum computing threatens to break many classical cryptographic schemes, leading to innovations in public key cryptography that focus on post-quantum cryptography primitives and protocols resistant to quantum computing threats. Lattice-based cryptography is a promising post-quantum cryptography family, both in terms of foundational properties as well as in its application to both traditional and emerging security problems such as encryption, digital signature, key exchange, and homomorphic encryption. While such techniques provide guarantees, in theory, their realization on contemporary computing platforms requires careful design choices and tradeoffs to manage both the diversity of computing platforms (e.g., high-performance to resource constrained), as well as the agility for deployment in the face of emerging and changing standards. In this work, we survey trends in lattice-based cryptographic schemes, some recent fundamental proposals for the use of lattices in c...

View PDFchevron_right

References (101)

  1. Michel Abdalla, Jee Hea An, Mihir Bellare, and Chanathip Namprempre. 2002. From Identification to Sig- natures via the Fiat-Shamir Transform: Minimizing Assumptions for Security and Forward-Security. In EUROCRYPT. 418-433.
  2. Michel Abdalla, Pierre-Alain Fouque, Vadim Lyubashevsky, and Mehdi Tibouchi. 2012. Tightly-Secure Sig- natures from Lossy Identification Schemes. In EUROCRYPT. 572-590.
  3. Shweta Agrawal, Dan Boneh, and Xavier Boyen. 2010. Efficient Lattice (H)IBE in the Standard Model. In EUROCRYPT. 553-572.
  4. Miklós Ajtai. 1996. Generating Hard Instances of Lattice Problems (Extended Abstract). In STOC. 99-108.
  5. Miklós Ajtai, Ravi Kumar, and D. Sivakumar. 2001. A Sieve Algorithm for the Shortest Lattice Vector Problem. In STOC. 601-610.
  6. Joël Alwen and Chris Peikert. 2011. Generating Shorter Bases for Hard Random Lattices. Theory Comput. Syst. 48, 3 (2011), 535-553.
  7. Aydin Aysu, Cameron Patterson, and Patrick Schaumont. 2013. Low-Cost and Area-Efficient FPGA Imple- mentations of Lattice-based Cryptography. In HOST. 81-86.
  8. Shi Bai and Steven D. Galbraith. 2014. An Improved Compression Technique for Signatures Based on Learn- ing with Errors. In CT-RSA. 28-47.
  9. Rachid El Bansarkhani and Johannes Buchmann. 2013. Improvement and Efficient Implementation of a Lattice-Based Signature Scheme. In Selected Areas in Cryptography. 48-67.
  10. Mihir Bellare and Phillip Rogaway. 1993. Random Oracles are Practical: A Paradigm for Designing Efficient Protocols. In ACM CCS. 62-73.
  11. Richard E. Blahut. 2010. Fast Algorithms for Signal Processing. Cambridge University Press.
  12. Dan Boneh, Amit Sahai, and Brent Waters. 2011. Functional Encryption: Definitions and Challenges. In TCC. Vol. 6597.
  13. Dan Boneh and Mark Zhandry. 2013. Secure Signatures and Chosen Ciphertext Security in a Quantum Computing World. In CRYPTO (2). 361-379.
  14. Ahmad Boorghany and Rasool Jalili. 2014. Implementation and Comparison of Lattice-based Identification Protocols on Smart Cards and Microcontrollers. IACR Cryptology ePrint Archive 2014 (2014), 78.
  15. Ahmad Boorghany, Siavash Bayat Sarmadi, and Rasool Jalili. 2014. On Constrained Implementation of Lattice-based Cryptographic Primitives and Schemes on Smart Cards. IACR Cryptology ePrint Archive 2014 (2014), 514.
  16. Xavier Boyen. 2010. Lattice Mixing and Vanishing Trapdoors: A Framework for Fully Secure Short Signa- tures and More. In PKC. 499-517.
  17. Xavier Boyen. 2013. Attribute-Based Functional Encryption on Lattices. In TCC. 122-142.
  18. Zvika Brakerski, Adeline Langlois, Chris Peikert, Oded Regev, and Damien Stehlé. 2013. Classical Hardness of Learning with Errors. In STOC. 575-584.
  19. Johannes Buchmann, Daniel Cabarcas, Florian Göpfert, Andreas H ülsing, and Patrick Weiden. 2013. Dis- crete Ziggurat: A Time-Memory Trade-Off for Sampling from a Gaussian Distribution over the Integers. In Selected Areas in Cryptography. 402-417.
  20. Johannes Buchmann, Richard Lindner, Markus R ückert, and Michael Schneider. 2009. Post-Quantum Cryp- tography: Lattice Signatures. Computing 85, 1-2 (2009), 105-125.
  21. Jan Camenisch, Gregory Neven, and Markus R ückert. 2012. Fully Anonymous Attribute Tokens from Lat- tices. In SCN. 57-75.
  22. Donald Donglong Chen, Nele Mentens, Frederik Vercauteren, Sujoy Sinha Roy, Ray C. C. Cheung, Derek Pao, and Ingrid Verbauwhede. 2014. High-speed Polynomial Multiplication Architecture for Ring-LWE and SHE Cryptosystems. IACR Cryptology ePrint Archive 2014 (2014), 646.
  23. Lo Sing Cheng, Ali Miri, and Tet Hin Yeap. 2005. Efficient FPGA implementation of FFT based multipliers. In Electrical and Computer Engineering, 2005. 1300-1303.
  24. Ruan de Clercq, Sujoy Sinha Roy, Frederik Vercauteren, and Ingrid Verbauwhede. 2014. Efficient Software Implementation of Ring-LWE Encryption. IACR Cryptology ePrint Archive 2014 (2014), 725.
  25. James Cooley and John Tukey. 1965. An Algorithm for the Machine Calculation of Complex Fourier Series. Math. Comp. 19, 90 (1965), 297-301.
  26. Thomas H. Cormen, Charles E. Leiserson, Ronald L. Rivest, and Clifford Stein. 2009. Introduction to Algo- rithms (third edition ed.). The MIT Press.
  27. Özg ür Dagdelen, Marc Fischlin, and Tommaso Gagliardoni. 2013. The Fiat-Shamir Transformation in a Quantum World. In ASIACRYPT (2). 62-81.
  28. Whitfield Diffie and Martin E. Hellman. 1976. New directions in cryptography. IEEE Transactions on Infor- mation Theory 22, 6 (1976), 644-654.
  29. Irit Dinur, Guy Kindler, Ran Raz, and Shmuel Safra. 2003. Approximating CVP to Within Almost- Polynomial Factors is NP-Hard. Combinatorica 23, 2 (April 2003), 205-243.
  30. Benedikt Driessen, Axel Poschmann, and Christof Paar. 2008. Comparison of innovative signature algo- rithms for WSNs. In WISEC. 30-35.
  31. Léo Ducas. 2014. Accelerating Bliss: the geometry of ternary polynomials. IACR Cryptology ePrint Archive 2014 (2014), 874.
  32. Léo Ducas, Alain Durmus, Tancrède Lepoint, and Vadim Lyubashevsky. 2013. Lattice Signatures and Bi- modal Gaussians. In CRYPTO (1). 40-56. Full version: https://eprint.iacr.org/2013/383.pdf.
  33. Léo Ducas, Vadim Lyubashevsky, and Thomas Prest. 2014. Efficient Identity-Based Encryption over NTRU Lattices. In ASIACRYPT. 22-41.
  34. Léo Ducas and Daniele Micciancio. 2014. Improved Short Lattice Signatures in the Standard Model. In CRYPTO. 335-352.
  35. Léo Ducas and Phong Q. Nguyen. 2012a. Faster Gaussian Lattice Sampling Using Lazy Floating-Point Arithmetic. In ASIACRYPT. 415-432.
  36. Léo Ducas and Phong Q. Nguyen. 2012b. Learning a Zonotope and More: Cryptanalysis of NTRUSign Coun- termeasures. In ASIACRYPT. 433-450.
  37. Nagarjun C. Dwarakanath and Steven D. Galbraith. 2014. Sampling from discrete Gaussians for lattice- based cryptography on a constrained device. Appl. Algebra Eng. Commun. Comput. (2014), 159-180.
  38. Pavel Emeliyanenko. 2009. Efficient Multiplication of Polynomials on Graphics Hardware. In APPT. 134- 149. Amos Fiat and Adi Shamir. 1986. How to Prove Yourself: Practical Solutions to Identification and Signature Problems. In CRYPTO. 186-194.
  39. Steven D. Galbraith. 2012. Mathematics of Public-Key Cryptography. Cambridge: Cambridge University Press. xiv. 452-459 pages.
  40. Craig Gentry. 2009a. A Fully Homomorphic Encryption Scheme. Ph.D. Dissertation. Stanford University. Craig Gentry. 2009b. Fully homomorphic encryption using ideal lattices. In STOC. 169-178.
  41. Craig Gentry, Jakob Jonsson, Jacques Stern, and Michael Szydlo. 2001. Cryptanalysis of the NTRU Signa- ture Scheme (NSS). In ASIACRYPT. 1-20.
  42. Craig Gentry, Chris Peikert, and Vinod Vaikuntanathan. 2008. Trapdoors For Hard Lattices And New Cryp- tographic Constructions. In STOC. 197-206.
  43. Craig Gentry and Michael Szydlo. 2002. Cryptanalysis of the Revised NTRU Signature Scheme. In EURO- CRYPT. 299-320.
  44. Oded Goldreich, Shafi Goldwasser, and Shai Halevi. 1996. Public-Key Cryptosystems from Lattice Reduction Problems. Electronic Colloquium on Computational Complexity (ECCC) 3, 56 (1996).
  45. Shafi Goldwasser, Silvio Micali, and Ronald L. Rivest. 1988. A Digital Signature Scheme Secure Against Adaptive Chosen-message Attacks. SIAM J. Comput. 17, 2 (apr 1988), 281-308.
  46. Samuel Dov Gordon, Jonathan Katz, and Vinod Vaikuntanathan. 2010. A Group Signature Scheme from Lattice Assumptions. In ASIACRYPT. 395-412.
  47. Norman Göttert, Thomas Feller, Michael Schneider, Johannes Buchmann, and Sorin A. Huss. 2012. On the Design of Hardware Building Blocks for Modern Lattice-Based Encryption Schemes. In CHES. 512-529.
  48. Tim G üneysu, Vadim Lyubashevsky, and Thomas Pöppelmann. 2012. Practical Lattice-Based Cryptography: A Signature Scheme for Embedded Systems. In CHES. 530-547.
  49. Tim G üneysu, Tobias Oder, Thomas Pöppelmann, and Peter Schwabe. 2013. Software Speed Records for Lattice-Based Signatures. In PQCrypto. 67-82.
  50. Nils Gura, Arun Patel, Arvinderpal Wander, Hans Eberle, and Sheueling Chang Shantz. 2004. Comparing Elliptic Curve Cryptography and RSA on 8-bit CPUs. In CHES. 119-132.
  51. Tamas Györfi, Octavian Cret, and Zalan Borsos. 2013. Implementing Modular FFTs in FPGAs -A Basic Block for Lattice-Based Cryptography. In DSD. 305-308.
  52. Bettina Helfrich. 1985. Algorithms to Construct Minkowski Reduced and Hermite Reduced Lattice Bases. Theor. Comput. Sci. 41, 2-3 (Dec. 1985), 125-139.
  53. Jeffrey Hoffstein, Nick Howgrave-Graham, Jill Pipher, Joseph H. Silverman, and William Whyte. 2003. NTRUSign: Digital Signatures Using the NTRU Lattice. In CT-RSA. 122-140.
  54. Jeffrey Hoffstein, Jill Pipher, and Joseph H. Silverman. 1998. NTRU: A Ring-Based Public Key Cryptosys- tem. In ANTS. 267-288.
  55. Jeffrey Hoffstein, Jill Pipher, and Joseph H. Silverman. 2001. NSS: An NTRU Lattice-Based Signature Scheme. In EUROCRYPT. 211-228.
  56. Abdel Alim Kamal and Amr M. Youssef. 2009. An FPGA implementation of the NTRUEncrypt cryptosystem. In ICM. 209-212.
  57. Anatoly A. Karatsuba and Yuri Petrovich Ofman. 1963. Multiplication of Multidigit Numbers on Automata. Soviet Physics Doklady 7 (1963), 595-596.
  58. Neal Koblitz. 1987. Elliptic Curve Cryptosystems. Math. Comp. (1987).
  59. Paul C. Kocher, Joshua Jaffe, and Benjamin Jun. 1999. Differential Power Analysis. In CRYPTO. 388-397.
  60. Fabien Laguillaumie, Adeline Langlois, Benoît Libert, and Damien Stehlé. 2013. Lattice-Based Group Sig- natures with Logarithmic Signature Size. In ASIACRYPT (2). 41-61.
  61. Adeline Langlois and Damien Stehlé. 2014. Worst-case to average-case reductions for module lattices. De- signs, Codes and Cryptography (2014).
  62. Richard Lindner and Chris Peikert. 2011. Better Key Sizes (and Attacks) for LWE-Based Encryption. In CT-RSA. 319-339.
  63. Vadim Lyubashevsky. 2009. Fiat-Shamir with Aborts: Applications to Lattice and Factoring-Based Signa- tures. In ASIACRYPT. 598-616.
  64. Vadim Lyubashevsky. 2012. Lattice Signatures without Trapdoors. In EUROCRYPT. 738-755.
  65. Vadim Lyubashevsky and Daniele Micciancio. 2009. On Bounded Distance Decoding, Unique Shortest Vec- tors, and the Minimum Distance Problem. In CRYPTO. 577-594.
  66. Vadim Lyubashevsky, Daniele Micciancio, Chris Peikert, and Alon Rosen. 2008. SWIFFT: A Modest Proposal for FFT Hashing. In FSE. 54-72.
  67. Vadim Lyubashevsky, Chris Peikert, and Oded Regev. 2010. On Ideal Lattices and Learning with Errors over Rings. In EUROCRYPT. 1-23.
  68. Vadim Lyubashevsky, Chris Peikert, and Oded Regev. 2013a. On Ideal Lattices and Learning with Errors over Rings. J. ACM 60, 6 (2013), 43.
  69. Vadim Lyubashevsky, Chris Peikert, and Oded Regev. 2013b. A Toolkit for Ring-LWE Cryptography. In EUROCRYPT. 35-54.
  70. James H. McClellan. 1976. Hardware realization of a Fermat number transform. IEEE Transactions on Acoustics, Speech and Signal Processing 24, 3 (Jun 1976), 216-225.
  71. Carlos Aguilar Melchor, Xavier Boyen, Jean-Christophe Deneuville, and Philippe Gaborit. 2014. Sealing the Leak on Classical NTRU Signatures. In PQCrypto 2014. 1-21.
  72. Daniele Micciancio. 2007. Generalized Compact Knapsacks, Cyclic Lattices, and Efficient One-Way Func- tions. Comput. Complex. 16, 4 (Dec. 2007), 365-411.
  73. Daniele Micciancio. 2008. Efficient Reductions Among Lattice Problems. In SODA. 84-93.
  74. Daniele Micciancio and Petros Mol. 2011. Pseudorandom Knapsacks and the Sample Complexity of LWE Search-to-Decision Reductions. In CRYPTO. 465-484.
  75. Daniele Micciancio and Chris Peikert. 2012. Trapdoors for Lattices: Simpler, Tighter, Faster, Smaller. In EUROCRYPT. 700-718.
  76. Daniele Micciancio and Chris Peikert. 2013. Hardness of SIS and LWE with Small Parameters. In CRYPTO (1). 21-39.
  77. Daniele Micciancio and Oded Regev. 2004. Worst-Case to Average-Case Reductions Based on Gaussian Mea- sures. In FOCS. 372-381.
  78. Daniele Micciancio and Oded Regev. 2007. Worst-Case to Average-Case Reductions Based on Gaussian Mea- sures. SIAM J. Comput. 37, 1 (2007), 267-302.
  79. Victor S Miller. 1986. Use of Elliptic Curves in Cryptography. In CRYPTO. 417-426.
  80. Robert T. Moenck. 1976. Practical Fast Polynomial Multiplication. In SYMSACC. 136-148.
  81. Phong Q. Nguyen and Oded Regev. 2009. Learning a Parallelepiped: Cryptanalysis of GGH and NTRU Signatures. J. Cryptology 22, 2 (2009), 139-160.
  82. Henri Nussbaumer. 1980. Fast Fourier transform and convolution algorithms. Springer-Verlag.
  83. Tobias Oder, Thomas Pöppelmann, and Tim G üneysu. 2014. Beyond ECDSA and RSA: Lattice-based Digital Signatures on Constrained Devices. In DAC. 1-6.
  84. Marshall C. Pease. 1968. An Adaptation of the Fast Fourier Transform for Parallel Processing. J. ACM 15, 2 (April 1968), 252-264.
  85. Chris Peikert. 2008. Public-Key Cryptosystems from the Worst-Case Shortest Vector Problem. Electronic Colloquium on Computational Complexity (ECCC) 15, 100 (2008).
  86. Chris Peikert. 2010. An Efficient and Parallel Gaussian Sampler for Lattices. In CRYPTO. 80-97.
  87. John M Pollard. 1971. The Fast Fourier Transform in a Finite Field. Math. Comp. 25, 114 (1971), 365-374.
  88. Thomas Pöppelmann, Léo Ducas, and Tim G üneysu. 2014. Enhanced Lattice-Based Signatures on Recon- figurable Hardware. In CHES. 353-370. Full version: https://eprint.iacr.org/2014/254.pdf.
  89. Thomas Pöppelmann and Tim G üneysu. 2012. Towards Efficient Arithmetic for Lattice-Based Cryptography on Reconfigurable Hardware. In LATINCRYPT. 139-158.
  90. Thomas Pöppelmann and Tim G üneysu. 2013. Towards Practical Lattice-Based Public-Key Encryption on Reconfigurable Hardware. In Selected Areas in Cryptography. 68-85.
  91. Thomas Pöppelmann and Tim G üneysu. 2014. Area Optimization of Lightweight Lattice-Based Encryption on Reconfigurable Hardware. In ISCAS. 2796-2799.
  92. Oded Regev. 2005. On Lattices, Learning with Errors, Random Linear Codes, and Cryptography. In STOC. 84-93.
  93. Oded Regev. 2009. On lattices, learning with errors, random linear codes, and cryptography. J. ACM 56, 6 (2009).
  94. Sujoy Sinha Roy, Oscar Reparaz, Frederik Vercauteren, and Ingrid Verbauwhede. 2014. Compact and Side Channel Secure Discrete Gaussian Sampling. IACR Cryptology ePrint Archive 2014 (2014), 591.
  95. Sujoy Sinha Roy, Frederik Vercauteren, Nele Mentens, Donald Donglong Chen, and Ingrid Verbauwhede. 2014. Compact Hardware Implementation of Ring-LWE Cryptosystems. In CHES. 371-391.
  96. Sujoy Sinha Roy, Frederik Vercauteren, and Ingrid Verbauwhede. 2013. High Precision Discrete Gaussian Sampling on FPGAs. In Selected Areas in Cryptography. 1-39.
  97. Markus R ückert and Michael Schneider. 2010. Estimating the Security of Lattice-based Cryptosystems. IACR Cryptology ePrint Archive 2010 (2010), 137.
  98. Claus-Peter Schnorr. 1989. Efficient Identification and Signatures for Smart Cards. In CRYPTO. 239-252.
  99. Peter W. Shor. 1997. Polynomial-Time Algorithms for Prime Factorization and Discrete Logarithms on a Quantum Computer. SIAM J. Comput. 26, 5 (Oct. 1997), 1484-1509.
  100. Patrick Weiden, Andreas H ülsing, Daniel Cabarcas, and Johannes Buchmann. 2013. Instantiating Treeless Signature Schemes. IACR Cryptology ePrint Archive 2013 (2013), 65.
  101. Franz Winkler. 1996. Polynomial Algorithms in Computer Algebra (Texts and Monographs in Symbolic Com- putation) (1 ed.). Springer.

Related papers

Lattices in Quantum-ERA Cryptography
Otobong Udoaka, Michael John

International Journal of Research Publication and Reviews, 2023

The use of Mathematic in cryptography can result a safe encryption scheme. Lattices have emerged as a powerful mathematical tool in the field of cryptography, offering a diverse set of applications ranging from encryption to secure multi-party computation. This research paper provides a comprehensive review of the role of lattices in cryptography, covering both theoretical foundations and practical implementations. The paper begins by introducing the basic concepts of lattices and their relevance in cryptographic protocols. Subsequently, it explores key cryptographic primitives based on lattice problems, such as lattice-based encryption schemes, digital signatures, and fully homomorphic encryption. The paper also proposes a new lattice based cryptographic scheme.

View PDFchevron_right
A SOLUTION FOR CONSTRUCTING QUANTUM - RESISTANT DIGITAL SIGNATURE SCHEMES
Lưu Hồng Dũng

Journal of Military Science and Technology, ISSN: 1859-1043, 2024

In this article, the authors propose a solution for constructing quantum -resistant digital signature schemes based on a new type of hard problem, which belongs to the group of unsolvable problems. Therefore, the algorithms constructed according to the solution proposed here can be resistant to quantum attacks based on the quantum algorithm proposed by P. Shor. In addition to quantum resistance, the signature schemes proposed here can also be used as pre-quantum digital signature schemes (RSA, DSA, etc.) that are widely used in current practical applications.

View PDFchevron_right
Practical Lattice-Based Cryptography: A Signature Scheme for Embedded Systems
Vadim Lyubashevsky

Lecture Notes in Computer Science, 2012

Nearly all of the currently used and well-tested signature schemes (e.g. RSA or DSA) are based either on the factoring assumption or the presumed intractability of the discrete logarithm problem. Further algorithmic advances on these problems may lead to the unpleasant situation that a large number of schemes have to be replaced with alternatives. In this work we present such an alternative -a signature scheme whose security is derived from the hardness of lattice problems. It is based on recent theoretical advances in lattice-based cryptography and is highly optimized for practicability and use in embedded systems. The public and secret keys are roughly 12000 and 2000 bits long, while the signature size is approximately 9000 bits for a security level of around 100 bits. The implementation results on reconfigurable hardware (Spartan/Virtex 6) are very promising and show that the scheme is scalable, has low area consumption, and even outperforms some classical schemes.

View PDFchevron_right
Compact and provably secure lattice-based signatures in hardware
Maire O'Neill

2017 IEEE International Symposium on Circuits and Systems (ISCAS)

Lattice-based cryptography is a quantum-safe alternative to existing classical asymmetric cryptography, such as RSA and ECC, which may be vulnerable to future attacks in the event of the creation of a viable quantum computer. The efficiency of lattice-based cryptography has improved over recent years, but there has been relatively little investigation into hardware designs of digital signature schemes. In this paper, the first hardware design of the provably secure Ring-LWE digital signature scheme, Ring-TESLA, is presented, targeting a Xilinx Spartan-6 FPGA. The results better compactness of all previous lattice-based digital signature schemes in hardware, and can achieve between 104-785 signatures and 102-776 verifications per second.

View PDFchevron_right
Efficient Certificate-Based Signature with Short Key and Signature Sizes from Lattices
Yuh-Min Tseng

Informatica

Certificate-based cryptography (CB-PKC) is an attractive public key setting, which reduces the complexity of public key infrastructure in traditional public key settings and resolves the key escrow problem in ID-based public key settings. In the past, a large number of certificate-based signature and encryption schemes were proposed. Nevertheless, the security assumptions of these schemes are mainly relied on the difficulties of the discrete logarithm and factorization problems. Unfortunately, both problems will be resolved when quantum computers come true in the future. Public key cryptography from lattices is one of the important candidates for post-quantum cryptography. However, there is little work on certificate-based cryptography from lattices. In the paper, we propose a new and efficient certificate-based signature (CBS) scheme from lattices. Under the short integer solution (SIS) assumption from lattices, the proposed CBS scheme is shown to be existential unforgeability agai...

View PDFchevron_right

Related topics

  • Computer Science
  • Distributed Computing
  • Lattice Theory
  • Digital Signature
  • Embedded Systems
  • Applied Cryptography
  • Computer Hardware
  • Cryptography
  • Embedded Systems Security
  • Lattice Based Cryptography
  • Hardware Security
  • Embedded Security
  • Discrete Logarithm

    • Cited by

    Compact and provably secure lattice-based signatures in hardware
    Maire O'Neill

    2017 IEEE International Symposium on Circuits and Systems (ISCAS)

    Lattice-based cryptography is a quantum-safe alternative to existing classical asymmetric cryptography, such as RSA and ECC, which may be vulnerable to future attacks in the event of the creation of a viable quantum computer. The efficiency of lattice-based cryptography has improved over recent years, but there has been relatively little investigation into hardware designs of digital signature schemes. In this paper, the first hardware design of the provably secure Ring-LWE digital signature scheme, Ring-TESLA, is presented, targeting a Xilinx Spartan-6 FPGA. The results better compactness of all previous lattice-based digital signature schemes in hardware, and can achieve between 104-785 signatures and 102-776 verifications per second.

    View PDFchevron_right
    Loop-Abort Faults on Lattice-Based Fiat-Shamir and Hash-and-Sign Signatures
    Pierre-alain Fouque

    Lecture Notes in Computer Science, 2017

    Although postquantum cryptography is of growing practical concern, not many works have been devoted to implementation security issues related to postquantum schemes. In this paper, we look in particular at fault attacks against implementations of lattice-based signature schemes, looking both at Fiat-Shamir type constructions (particularly BLISS, but also GLP, PASSSing and Ring-TESLA) and at hash-and-sign schemes (particularly the GPVbased scheme of Ducas-Prest-Lyubashevsky). These schemes include essentially all practical lattice-based signatures, and achieve the best efficiency to date in both software and hardware. We present several fault attacks against those schemes yielding a full key recovery with only a few or even a single faulty signature, and discuss possible countermeasures to protect against these attacks.

    View PDFchevron_right
    Physical Protection of Lattice-Based Cryptography
    Ayesha Khalid

    Proceedings of the 2018 on Great Lakes Symposium on VLSI, 2018

    The impending realization of scalable quantum computers will have a significant impact on today's security infrastructure. With the advent of powerful quantum computers public key cryptographic schemes will become vulnerable to Shor's quantum algorithm, undermining the security current communications systems. Post-quantum (or quantum-resistant) cryptography is an active research area, endeavoring to develop novel and quantum resistant public key cryptography. Amongst the various classes of quantum-resistant cryptography schemes, lattice-based cryptography is emerging as one of the most viable options. Its efficient implementation on software and on commodity hardware has already been shown to compete and even excel the performance of current classical security public-key schemes. This work discusses the next step in terms of their practical deployment, i.e., addressing the physical security of lattice-based cryptographic implementations. We survey the state-of-the-art in terms of side channel attacks (SCA), both invasive and passive attacks, and proposed countermeasures. Although the weaknesses exposed have led to countermeasures for these schemes, the cost, practicality and effectiveness of these on multiple implementation platforms, however, remains under-studied.

    View PDFchevron_right
    580 California St., Suite 400
    San Francisco, CA, 94104
    © 2025 Academia. All rights reserved