Abstract
We introduce a new hard problem to cryptography, named Low-Rank Matrix Completion (LRMC), whose hardness is equivalent to that of MinRank in multivariate cryptography (NP-complete and quantum-resistant). We present a Sigma Protocol to prove knowledge of an LRMC solution. Compared with the several matrices needed in the public key of MinRank-based constructions such as Courtois (ASIACRYPT 2001) and Bellini et al. (PQCrypto 2022), the benefits of using LRMC are that only one matrix is required, leading to smaller public key sizes, lower computation and communication costs, and fewer operations and less running time. In addition, the system setup is more intuitive and succinct. We then take full advantage of recent progress in reducing the soundness error, including the Sigma Protocol with Helper (EUROCRYPT 2020), the cut-and-choose technique (CCS 2018), and others. When the Fiat-Shamir transform is applied to convert the improved sigma protocol into a signature scheme, with further optimizations, the resulting sizes are competitive with SPHINCS+, which NIST selected for standardization after three rounds of evaluation and which is the only selected scheme that does not rely on (structured) lattice problems. This work increases the diversity of provable and practical post-quantum signatures, as NIST has called for.
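To make the relation behind the abstract concrete, the following is an added toy instance of the LRMC problem over a small prime field (example code written for this page, not the paper's own implementation): the public key is a single matrix with some entries hidden, the secret is a rank-r factorization that completes it, and the verifier checks the completion against the revealed entries and its rank. The field size, dimensions, number of hidden entries and the standard "rank at most r" formulation are assumptions, not the paper's parameters.

```python
# Added example: a toy Low-Rank Matrix Completion (LRMC) relation over F_p.
# Assumed standard formulation: public M with hidden entries, secret rank-<=r completion.
import random

P = 31  # toy prime field F_31 (assumption, not a parameter from the paper)

def rank_mod_p(mat, p=P):
    """Rank of a matrix over F_p by Gaussian elimination."""
    a = [[x % p for x in row] for row in mat]
    rows, cols, rank = len(a), len(a[0]), 0
    for c in range(cols):
        pivot = next((i for i in range(rank, rows) if a[i][c]), None)
        if pivot is None:
            continue
        a[rank], a[pivot] = a[pivot], a[rank]
        inv = pow(a[rank][c], -1, p)
        a[rank] = [(x * inv) % p for x in a[rank]]
        for i in range(rows):
            if i != rank and a[i][c]:
                f = a[i][c]
                a[i] = [(x - f * y) % p for x, y in zip(a[i], a[rank])]
        rank += 1
    return rank

def complete(A, B, p=P):
    """Secret factors A (n x r) and B (r x m) give the full rank-<=r matrix A*B."""
    r, m = len(B), len(B[0])
    return [[sum(A[i][k] * B[k][j] for k in range(r)) % p for j in range(m)] for i in range(len(A))]

def keygen(n, m, r, hidden, seed, p=P):
    """Secret key: (A, B). Public key: ONE matrix A*B with `hidden` entries masked as None."""
    rng = random.Random(seed)  # seeded only so the example is reproducible
    A = [[rng.randrange(p) for _ in range(r)] for _ in range(n)]
    B = [[rng.randrange(p) for _ in range(m)] for _ in range(r)]
    public = complete(A, B, p)
    for i, j in rng.sample([(i, j) for i in range(n) for j in range(m)], hidden):
        public[i][j] = None
    return (A, B), public

def verify(public, completion, r, p=P):
    """An LRMC witness must agree with every revealed entry and have rank at most r."""
    for prow, crow in zip(public, completion):
        for pe, ce in zip(prow, crow):
            if pe is not None and pe % p != ce % p:
                return False
    return rank_mod_p(completion, p) <= r
```

The sigma protocol in the paper proves knowledge of such a completion without revealing the factors; this block only fixes the relation being proved.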
References
Aumasson, J.P., et al.: SPHINCS+. http://sphincs.org/
Avanzi, R., et al.: CRYSTALS-Kyber. https://pq-crystals.org/kyber/
Bai, S., et al.: CRYSTALS-Dilithium. https://pq-crystals.org/dilithium/
Baum, C., Nof, A.: Concretely-efficient zero-knowledge arguments for arithmetic circuits and their application to lattice-based cryptography. In: Kiayias, A., Kohlweiss, M., Wallden, P., Zikas, V. (eds.) PKC 2020. LNCS, vol. 12110, pp. 495–526. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-45374-9_17
Bellini, E., Esser, A., Sanna, C., Verbel, J.A.: MR-DSS - smaller MinRank-based (ring-)signatures. In: Cheon, J.H., Johansson, T. (eds.) PQCrypto 2022. LNCS, vol. 13512, pp. 144–169. Springer, Heidelberg (2022). https://doi.org/10.1007/978-3-031-17234-2_8
Berlekamp, E.R., McEliece, R.J., van Tilborg, H.C.A.: On the inherent intractability of certain coding problems (corresp.). IEEE Trans. Inf. Theory 24(3), 384–386 (1978). https://doi.org/10.1109/TIT.1978.1055873
Bettale, L., Faugère, J., Perret, L.: Cryptanalysis of HFE, multi-HFE and variants for odd and even characteristic. Des. Codes Cryptogr. 69(1), 1–52 (2013). https://doi.org/10.1007/s10623-012-9617-2
Beullens, W.: Sigma protocols for MQ, PKP and SIS, and fishy signature schemes. In: Canteaut, A., Ishai, Y. (eds.) EUROCRYPT 2020. LNCS, vol. 12107, pp. 183–211. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-45727-3_7
Beullens, W., Faugère, J.-C., Koussa, E., Macario-Rat, G., Patarin, J., Perret, L.: PKP-based signature scheme. In: Hao, F., Ruj, S., Sen Gupta, S. (eds.) INDOCRYPT 2019. LNCS, vol. 11898, pp. 3–22. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-35423-7_1
Buss, J.F., Frandsen, G.S., Shallit, J.O.: The computational complexity of some problems of linear algebra. J. Comput. Syst. Sci. 58(3), 572–596 (1999). https://doi.org/10.1006/jcss.1998.1608
Candès, E.J., Tao, T.: The power of convex relaxation: near-optimal matrix completion. IEEE Trans. Inf. Theory 56(5), 2053–2080 (2010). https://doi.org/10.1109/TIT.2010.2044061
Chase, M., et al.: Post-quantum zero-knowledge and signatures from symmetric-key primitives. In: Thuraisingham, B., Evans, D., Malkin, T., Xu, D. (eds.) ACM CCS 2017, pp. 1825–1842. ACM (2017). https://doi.org/10.1145/3133956.3133997
Chen, M.-S., Hülsing, A., Rijneveld, J., Samardjiska, S., Schwabe, P.: From 5-pass MQ-based identification to MQ-based signatures. In: Cheon, J.H., Takagi, T. (eds.) ASIACRYPT 2016. LNCS, vol. 10032, pp. 135–165. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-53890-6_5
Courtois, N.T.: Efficient zero-knowledge authentication based on a linear algebra problem MinRank. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 402–421. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-45682-1_24
Courtois, N.T.: The security of hidden field equations (HFE). In: Naccache, D. (ed.) CT-RSA 2001. LNCS, vol. 2020, pp. 266–281. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-45353-9_20
Derksen, H.: On the equivalence between low-rank matrix completion and tensor rank. Linear Multilinear Algebra 66(4), 645–667 (2018)
Ding, J., Perlner, R., Petzoldt, A., Smith-Tone, D.: Improved cryptanalysis of HFEv- via projection. In: Lange, T., Steinwandt, R. (eds.) PQCrypto 2018. LNCS, vol. 10786, pp. 375–395. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-79063-3_18
Ding, J., Schmidt, D.: Rainbow, a new multivariable polynomial signature scheme. In: Ioannidis, J., Keromytis, A., Yung, M. (eds.) ACNS 2005. LNCS, vol. 3531, pp. 164–175. Springer, Heidelberg (2005). https://doi.org/10.1007/11496137_12
Don, J., Fehr, S., Majenz, C., Schaffner, C.: Security of the Fiat-Shamir transformation in the quantum random-oracle model. In: Boldyreva, A., Micciancio, D. (eds.) CRYPTO 2019. LNCS, vol. 11693, pp. 356–383. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-26951-7_13
Fiat, A., Shamir, A.: How to prove yourself: practical solutions to identification and signature problems. In: Odlyzko, A.M. (ed.) CRYPTO 1986. LNCS, vol. 263, pp. 186–194. Springer, Heidelberg (1987). https://doi.org/10.1007/3-540-47721-7_12
Fouque, P.A., et al.: Falcon. https://falcon-sign.info/
Goubin, L., Courtois, N.T.: Cryptanalysis of the TTM cryptosystem. In: Okamoto, T. (ed.) ASIACRYPT 2000. LNCS, vol. 1976, pp. 44–57. Springer, Heidelberg (2000). https://doi.org/10.1007/3-540-44448-3_4
Han, B., Sim, J.: Reflection removal using low-rank matrix completion. In: CVPR 2017, pp. 3872–3880. IEEE Computer Society (2017). https://doi.org/10.1109/CVPR.2017.412
Katz, J., Kolesnikov, V., Wang, X.: Improved non-interactive zero knowledge with applications to post-quantum signatures. In: Lie, D., Mannan, M., Backes, M., Wang, X. (eds.) ACM CCS 2018, pp. 525–537. ACM (2018). https://doi.org/10.1145/3243734.3243805
Kawachi, A., Tanaka, K., Xagawa, K.: Concurrently secure identification schemes based on the worst-case hardness of lattice problems. In: Pieprzyk, J. (ed.) ASIACRYPT 2008. LNCS, vol. 5350, pp. 372–389. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-89255-7_23
Keshavan, R.H., Montanari, A., Oh, S.: Matrix completion from a few entries. IEEE Trans. Inf. Theory 56(6), 2980–2998 (2010). https://doi.org/10.1109/TIT.2010.2046205
Kim, S., Nguyen, L.T., Shim, B.: Deep neural network based matrix completion for internet of things network localization. In: ICASSP 2020, pp. 3427–3431. IEEE (2020). https://doi.org/10.1109/ICASSP40776.2020.9053773
Kipnis, A., Shamir, A.: Cryptanalysis of the HFE public key cryptosystem by relinearization. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 19–30. Springer, Heidelberg (1999). https://doi.org/10.1007/3-540-48405-1_2
Koren, Y.: Collaborative filtering with temporal dynamics. In: Elder IV, J.F., Fogelman-Soulié, F., Flach, P.A., Zaki, M.J. (eds.) ACM SIGKDD 2009, pp. 447–456. ACM (2009). https://doi.org/10.1145/1557019.1557072
Ling, S., Nguyen, K., Stehlé, D., Wang, H.: Improved zero-knowledge proofs of knowledge for the ISIS problem, and applications. In: Kurosawa, K., Hanaoka, G. (eds.) PKC 2013. LNCS, vol. 7778, pp. 107–124. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-36362-7_8
Petzoldt, A., Chen, M.-S., Yang, B.-Y., Tao, C., Ding, J.: Design principles for HFEv-based multivariate signature schemes. In: Iwata, T., Cheon, J.H. (eds.) ASIACRYPT 2015. LNCS, vol. 9452, pp. 311–334. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-48797-6_14
Saade, A., Krzakala, F., Zdeborová, L.: Matrix completion from fewer entries: spectral detectability and rank estimation. In: Cortes, C., Lawrence, N.D., Lee, D.D., Sugiyama, M., Garnett, R. (eds.) NeurIPS 2015, pp. 1261–1269 (2015). https://proceedings.neurips.cc/paper/2015/hash/a8e864d04c95572d1aece099af852d0a-Abstract.html
SageMath: Python3-cypari2. https://github.com/sagemath/cypari2
Sakumoto, K., Shirai, T., Hiwatari, H.: Public-key identification schemes based on multivariate quadratic polynomials. In: Rogaway, P. (ed.) CRYPTO 2011. LNCS, vol. 6841, pp. 706–723. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-22792-9_40
Stern, J.: A new identification scheme based on syndrome decoding. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 13–21. Springer, Heidelberg (1994). https://doi.org/10.1007/3-540-48329-2_2
Unruh, D.: Non-interactive zero-knowledge proofs in the quantum random oracle model. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9057, pp. 755–784. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-46803-6_25
Acknowledgements
This work is supported by the National Key R&D Program of China (No. 2022YFB4500800), the Key R&D projects in Hubei Province (No. 2022BAA041), and the Fundamental Research Funds for the Central Universities (No. 2042022kf0021). The authors are grateful to the committees and anonymous reviewers of PKC 2023 and ProvSec 2023 for their insightful comments that refine this work, and generous help from the shepherd. Furthermore, Jiaming Wen appreciates Lu Bai's assistance during the experiments.
Copyright information
© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG
Cite this paper
Wen, J., Wang, H., Zhang, H. (2023). Post-quantum Sigma Protocols and Signatures from Low-Rank Matrix Completions. In: Zhang, M., Au, M.H., Zhang, Y. (eds) Provable and Practical Security. ProvSec 2023. Lecture Notes in Computer Science, vol 14217. Springer, Cham. https://doi.org/10.1007/978-3-031-45513-1_11
DOI: https://doi.org/10.1007/978-3-031-45513-1_11
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-45512-4
Online ISBN: 978-3-031-45513-1
eBook Packages: Computer Science, Computer Science (R0)