A Post-quantum Digital Signature Scheme Based on Supersingular Isogenies

  • Youngho Yoo
  • Reza Azarderakhsh
  • Amir Jalali
  • David Jao
  • Vladimir Soukharev
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10322)

Abstract

We present the first general-purpose digital signature scheme based on supersingular elliptic curve isogenies that is secure against quantum adversaries in the quantum random oracle model and has small key sizes. The scheme is obtained by applying Unruh’s construction of non-interactive zero-knowledge proofs to the interactive zero-knowledge proof of isogeny knowledge proposed by De Feo, Jao, and Plût. We implement the scheme on an x86-64 PC platform as well as on an ARM-powered device, using state-of-the-art implementation techniques in both portable C and assembly to speed up the computations. Finally, we report timing results for real-world applications.
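The construction the abstract describes is a transform of a three-move proof of knowledge with a one-bit challenge into a signature. The following added example (not code from the paper or its authors) shows the shape of that transform in Python. Because isogeny arithmetic is far beyond what this page supports, the De Feo–Jao–Plût isogeny proof is stood in for by a toy graph-isomorphism proof that has the same structure: a commitment, a binary challenge, and one of two responses, where learning both responses for a single commitment reveals the secret. All names (`sigma_commit`, `g_hash`, `challenge_bits`, `sign`, `verify`), the graph size, and the round count are choices made here, and the toy parameters give no real security.

```python
"""Unruh's transform applied to a binary-challenge sigma protocol (added example).

The isogeny proof is replaced by a toy graph-isomorphism proof of the same
shape. Toy parameters only; this is not a secure signature scheme.
"""
import hashlib
import random

N_VERTICES = 8   # assumption: small graph so the example runs instantly
ROUNDS = 32      # t parallel rounds; each one-bit challenge halves a cheater's odds


def canon(x):
    """Canonical bytes for hashing: sort frozensets, then repr."""
    if isinstance(x, frozenset):
        x = tuple(sorted(x))
    return repr(x).encode()


def apply_perm(p, graph):
    """Relabel every edge (u, v) of the graph to (p[u], p[v])."""
    return frozenset(tuple(sorted((p[u], p[v]))) for u, v in graph)


def compose(p, q):
    """(p o q)[i] = p[q[i]]."""
    return tuple(p[q[i]] for i in range(len(p)))


def invert(p):
    inv = [0] * len(p)
    for i, pi in enumerate(p):
        inv[pi] = i
    return tuple(inv)


def random_perm(n, rng):
    p = list(range(n))
    rng.shuffle(p)
    return tuple(p)


def keygen(rng, n=N_VERTICES):
    """pk = (G0, G1 = sigma(G0)); sk = sigma is the witness."""
    g0 = frozenset((u, v) for u in range(n) for v in range(u + 1, n) if rng.random() < 0.5)
    sigma = random_perm(n, rng)
    return (g0, apply_perm(sigma, g0)), sigma


def sigma_commit(pk, sk, rng):
    """One round of the interactive proof: a commitment H = pi(G0) and BOTH responses.

    Challenge 0 asks for the map G0 -> H (pi); challenge 1 asks for the map
    G1 -> H (pi o sigma^-1). Both responses for one commitment reveal sigma.
    """
    g0, _ = pk
    pi = random_perm(len(sk), rng)
    return apply_perm(pi, g0), (pi, compose(pi, invert(sk)))


def sigma_verify(pk, commitment, challenge, response):
    return apply_perm(response, pk[challenge]) == commitment


def g_hash(response):
    """Unruh's extra hash G: commits to every response, opened or not."""
    return hashlib.sha256(b"G|" + canon(response)).digest()


def challenge_bits(pk, msg, coms, hashes, t):
    """Fiat-Shamir-style challenge that also binds the G-hashes of all responses."""
    h = hashlib.shake_256()
    for part in (pk[0], pk[1], msg, *coms, *(x for pair in hashes for x in pair)):
        h.update(canon(part) + b"|")
    digest = h.digest((t + 7) // 8)
    return [(digest[i // 8] >> (i % 8)) & 1 for i in range(t)]


def sign(pk, sk, msg, rng=None, t=ROUNDS):
    rng = rng or random.SystemRandom()
    coms, resps, hashes = [], [], []
    for _ in range(t):
        com, (r0, r1) = sigma_commit(pk, sk, rng)
        coms.append(com)
        resps.append((r0, r1))
        hashes.append((g_hash(r0), g_hash(r1)))
    bits = challenge_bits(pk, msg, coms, hashes, t)
    # Open only the selected response; the other stays hidden behind its G-hash.
    opened = [resps[i][bits[i]] for i in range(t)]
    return {"coms": coms, "hashes": hashes, "opened": opened}


def verify(pk, msg, sig, t=ROUNDS):
    coms, hashes, opened = sig["coms"], sig["hashes"], sig["opened"]
    if not (len(coms) == len(hashes) == len(opened) == t):
        return False
    bits = challenge_bits(pk, msg, coms, hashes, t)
    for i in range(t):
        # The opened response must match the G-hash fixed before the challenge
        # and must satisfy the sigma-protocol verifier for the selected bit.
        if g_hash(opened[i]) != hashes[i][bits[i]]:
            return False
        if not sigma_verify(pk, coms[i], bits[i], opened[i]):
            return False
    return True


if __name__ == "__main__":
    rng = random.Random(2017)
    pk, sk = keygen(rng)
    sig = sign(pk, sk, b"hello", rng)
    print(verify(pk, b"hello", sig), verify(pk, b"hellp", sig))
```

The difference from a plain Fiat–Shamir signature is the pair of `g_hash` values per round: the signer commits to both possible responses before the challenge is derived, and the challenge hash covers those commitments. That is what lets Unruh's security proof extract a witness without rewinding a quantum adversary, which is the obstacle the abstract's "quantum random oracle model" claim refers to. A real instantiation would replace the graph-isomorphism round with the isogeny round and tune the round count to the target security level.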

Keywords

Digital signatures; Isogenies; Post-quantum cryptography

Acknowledgments

We thank Steven Galbraith for helpful comments on an earlier version of this paper, and the anonymous reviewers for their constructive feedback. This work was partially supported by NSF grant no. CNS-1464118, NIST award 60NANB16D246, the CryptoWorks21 NSERC CREATE Training Program in Building a Workforce for the Cryptographic Infrastructure of the 21st Century, and InfoSec Global, Inc.

References

  1. Ambainis, A., Rosmanis, A., Unruh, D.: Quantum attacks on classical proof systems: the hardness of quantum rewinding. In: 55th IEEE Annual Symposium on Foundations of Computer Science, FOCS 2014, Philadelphia, PA, USA, 18–21 October 2014, pp. 474–483 (2014)
  2. Azarderakhsh, R., Jao, D., Kalach, K., Koziel, B., Leonardi, C.: Key compression for isogeny-based cryptosystems. In: Proceedings of the 3rd ACM International Workshop on ASIA Public-Key Cryptography, AsiaPKC 2016, pp. 1–10. ACM, New York (2016)
  3. Barreto, P.S.L.M., Longa, P., Naehrig, M., Ricardini, J.E., Zanon, G.: Sharper ring-LWE signatures. Cryptology ePrint Archive, Report 2016/1026 (2016)
  4. Bernstein, D.J., Hopwood, D., Hülsing, A., Lange, T., Niederhagen, R., Papachristodoulou, L., Schneider, M., Schwabe, P., Wilcox-O’Hearn, Z.: SPHINCS: practical stateless hash-based signatures. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9056, pp. 368–397. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-46800-5_15
  5. Bernstein, D.J., Lange, T., Peters, C.: Attacking and defending the McEliece cryptosystem. In: Buchmann, J., Ding, J. (eds.) PQCrypto 2008. LNCS, vol. 5299, pp. 31–46. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-88403-3_3
  6. Boneh, D., Zhandry, M.: Secure signatures and chosen ciphertext security in a quantum computing world. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013. LNCS, vol. 8043, pp. 361–379. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-40084-1_21
  7. Costello, C., Jao, D., Longa, P., Naehrig, M., Renes, J., Urbanik, D.: Efficient compression of SIDH public keys. Cryptology ePrint Archive, Report 2016/963 (2016)
  8. Costello, C., Longa, P., Naehrig, M.: Efficient algorithms for supersingular isogeny Diffie-Hellman. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016. LNCS, vol. 9814, pp. 572–601. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-53018-4_21
  9. Courtois, N.T., Finiasz, M., Sendrier, N.: How to achieve a McEliece-based digital signature scheme. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 157–174. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-45682-1_10
  10. Ding, J., Schmidt, D.: Rainbow, a new multivariable polynomial signature scheme. In: Ioannidis, J., Keromytis, A., Yung, M. (eds.) ACNS 2005. LNCS, vol. 3531, pp. 164–175. Springer, Heidelberg (2005). https://doi.org/10.1007/11496137_12
  11. Ducas, L., Durmus, A., Lepoint, T., Lyubashevsky, V.: Lattice signatures and bimodal Gaussians. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013. LNCS, vol. 8042, pp. 40–56. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-40041-4_3
  12. De Feo, L., Jao, D., Plût, J.: Towards quantum-resistant cryptosystems from supersingular elliptic curve isogenies. J. Math. Cryptol. 8(3), 209–247 (2014)
  13. Fiat, A., Shamir, A.: How to prove yourself: practical solutions to identification and signature problems. In: Odlyzko, A.M. (ed.) CRYPTO 1986. LNCS, vol. 263, pp. 186–194. Springer, Heidelberg (1987). https://doi.org/10.1007/3-540-47721-7_12
  14. Galbraith, S.D., Petit, C., Silva, J.: Signature schemes based on supersingular isogeny problems. Cryptology ePrint Archive, Report 2016/1154 (2016)
  15. Grover, L.K.: A fast quantum mechanical algorithm for database search. In: Proceedings of the Twenty-Eighth Annual ACM Symposium on Theory of Computing, STOC 1996, pp. 212–219. ACM, New York (1996)
  16. Jao, D., Soukharev, V.: Isogeny-based quantum-resistant undeniable signatures. In: Mosca, M. (ed.) PQCrypto 2014. LNCS, vol. 8772, pp. 160–179. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-11659-4_10
  17. Koziel, B., Jalali, A., Azarderakhsh, R., Jao, D., Kermani, M.M.: NEON-SIDH: efficient implementation of supersingular isogeny Diffie-Hellman key exchange protocol on ARM. In: Cryptology and Network Security, 15th International Conference, CANS 2016, Milan, Italy, 14–16 November 2016, Proceedings, pp. 88–103 (2016)
  18. Petzoldt, A., Bulygin, S., Buchmann, J.: Selecting parameters for the Rainbow signature scheme. In: Sendrier, N. (ed.) PQCrypto 2010. LNCS, vol. 6061, pp. 218–240. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-12929-2_16
  19. Seshadri, S.M., Chandrasekaran, V.: Isogeny-based quantum-resistant undeniable blind signature scheme. Cryptology ePrint Archive, Report 2016/148 (2016)
  20. Sun, X., Tian, H., Wang, Y.: Toward quantum-resistant strong designated verifier signature from isogenies. In: 2012 Fourth International Conference on Intelligent Networking and Collaborative Systems (2012)
  21. Tani, S.: Claw finding algorithms using quantum walk. Theor. Comput. Sci. 410(50), 5285–5297 (2009)
  22. Tate, J.: Endomorphisms of Abelian varieties over finite fields. Inventiones Mathematicae 2(2), 134–144 (1966)
  23. Unruh, D.: Quantum proofs of knowledge. In: Pointcheval, D., Johansson, T. (eds.) EUROCRYPT 2012. LNCS, vol. 7237, pp. 135–152. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-29011-4_10
  24. Unruh, D.: Non-interactive zero-knowledge proofs in the quantum random oracle model. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9057, pp. 755–784. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-46803-6_25
  25. Watrous, J.: Zero-knowledge against quantum attacks. SIAM J. Comput. 39(1), 25–58 (2009)
  26. Zhang, S.: Promised and distributed quantum search. In: Wang, L. (ed.) COCOON 2005. LNCS, vol. 3595, pp. 430–439. Springer, Heidelberg (2005). https://doi.org/10.1007/11533719_44

Copyright information

© International Financial Cryptography Association 2017

Authors and Affiliations

  1. University of Waterloo, Waterloo, Canada
  2. evolutionQ, Inc., Waterloo, Canada
  3. Florida Atlantic University, Boca Raton, USA
  4. InfoSec Global, Inc., North York, Canada