Skip to main content
SpringerLink
Log in

Cryptanalysis of a rank-based signature with short public keys

  • Published:
Designs, Codes and Cryptography Aims and scope Submit manuscript

Abstract

Following Schnorr framework for obtaining digital signatures, Song et al. recently proposed a new instantiation of a signature scheme featuring small public keys from coding assumptions in rank metric, which was accepted at PKC’19. Their proposal makes use of rank quasi-cyclic (RQC) codes to reduce the public key size. We show that it is possible to turn a valid, legitimate signature into an efficiently solvable decoding problem, which allows to recover the randomness used for signing and hence the secret key, from a single signature, in about the same amount of time as required for signing.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1

Similar content being viewed by others

Notes

  1. Their results got accepted on Dec. 21st 2018 at PKC’19, made available as ePrint 2019/053 (https://eprint.iacr.org/eprint-bin/getfile.pl?entry=2019/053&version=20190125:204017&file=053.pdf) on Jan. 25th 2019, a cryptanalysis implementation was publicly released on Jan. 30th 2019 (https://github.com/deneuville/cryptanalysisSHMW), Lau and Tan (https://arxiv.org/pdf/1902.00241.pdf) then Xagawa (https://eprint.iacr.org/2019/120.pdf) published independently a description of the attack. The paper has been withdrawn since, both from ePrint and PKC’19, around Feb. 26th 2019. This work merges the implementation of Aragon et al., and the works of Lau and Tan, and Xagawa.

References

  1. Aguilar Melchor C., Aragon N., Bettaieb S., Bidoux L., Blazy O., Deneuville J.C., Gaborit P., Zémor G.: Rank Quasi-Cyclic (RQC). https://hal.archives-ouvertes.fr/hal-01946894, submission to the NIST post quantum standardization process. (2017).

  2. Aguilar Melchor C., Blazy O., Deneuville J., Gaborit P., Zémor G.: Efficient encryption from random quasi-cyclic codes. IEEE Trans. Inf. Theory 64(5), 3927–3943 (2018). https://doi.org/10.1109/TIT.2018.2804444.

    Article  MathSciNet  MATH  Google Scholar 

  3. Aragon N., Blazy O., Gaborit P., Hauteville A., Zémor G.: Durandal: A rank metric based signature scheme. In: Advances in Cryptology-EUROCRYPT 2019 - 38th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Darmstadt, Germany, May 19–23, 2019, Proceedings, Part III, pp 728–758, (2019) https://doi.org/10.1007/978-3-030-17659-4_25.

  4. Courtois N., Finiasz M., Sendrier N.: How to achieve a McEliece-based digital signature scheme. In: Boyd C (ed) ASIACRYPT 2001, Springer, Heidelberg, LNCS, vol. 2248, pp 157–174, (2001) https://doi.org/10.1007/3-540-45682-1_10.

  5. Daniel Julius B., Andreas H., Tanja L., Panny L.: OFFICIAL COMMENT: RaCoSS. Official comments about NIST PQC submissions (2017).

  6. Debris-Alazard T., Tillich J.: Two attacks on rank metric code-based schemes: Ranksign and an IBE scheme. In: Peyrin T, Galbraith SD (eds) Advances in Cryptology - ASIACRYPT 2018 - 24th International Conference on the Theory and Application of Cryptology and Information Security, Brisbane, QLD, Australia, December 2-6, 2018, Proceedings, Part I, Springer, Lecture Notes in Computer Science, vol. 11272, pp. 62–92, (2018) https://doi.org/10.1007/978-3-030-03326-2_3.

  7. Debris-Alazard T., Sendrier N., Tillich J.: The problem with the SURF scheme. Cryptology ePrint Archive, Report 2017/662, (2017) https://eprint.iacr.org/2017/662.

  8. Debris-Alazard T., Sendrier N., Tillich J.P.: Wave: A new code-based signature scheme. Cryptology ePrint Archive, Report 2018/996, (2018) https://eprint.iacr.org/2018/996.

  9. Deneuville J.C., Gaborit P.: Cryptanalysis of a code-based one-time signature. WCC 2019: The Eleventh International Workshop on Coding and Cryptography, (2019) https://www.lebesgue.fr/sites/default/files/proceedings_WCC/WCC_2019_paper_31.pdf.

  10. Faugère J.C., Gauthier V., Otmani A., Perret L., Tillich J.P.: A distinguisher for high rate McEliece cryptosystems. In: Proc. IEEE Inf. Theory Workshop- ITW 2011, Paraty, Brasil, pp. 282–286 (2011)

  11. Fiat A., Shamir A.: How to prove yourself: Practical solutions to identification and signature problems. In: Odlyzko AM (ed) CRYPTO’86, Springer, Heidelberg, LNCS, vol. 263, pp. 186–194, (1987) https://doi.org/10.1007/3-540-47721-7_12.

  12. Gaborit P., Zémor G.: On the hardness of the decoding and the minimum distance problems for rank codes. IEEE Trans Inf. Theory 62(12), 7245–7252 (2016).

    Article  MathSciNet  Google Scholar 

  13. Gaborit P., Murat G., Ruatta O., Zémor G.: Low rank parity check codes and their application to cryptography. In: Proceedings of the Workshop on Coding and Cryptography WCC’2013, Bergen, Norway, available on www.selmer.uib.no/WCC2013/pdfs/Gaborit.pdf (2013).

  14. Gaborit P., Ruatta O., Schrek J., Zémor G.: New results for rank-based cryptography. In: Progress in Cryptology—AFRICACRYPT 2014, LNCS, vol. 8469, pp 1–12 (2014).

  15. Gentry C., Peikert C., Vaikuntanathan V.: Trapdoors for hard lattices and new cryptographic constructions. In: Ladner RE, Dwork C (eds) 40th ACM STOC, ACM Press, pp 197–206, (2008) https://doi.org/10.1145/1374376.1374407.

  16. Hoffstein J., Pipher J., Silverman J.H.: NSS: An NTRU lattice-based signature scheme. In: Pfitzmann B (ed) EUROCRYPT 2001, Springer, Heidelberg, LNCS, vol. 2045, pp. 211–228, (2001) https://doi.org/10.1007/3-540-44987-6_14.

  17. Kabatianskii G., Krouk E., Smeets B.J.M.: A digital signature scheme based on random error-correcting codes. In: IMA Int. Conf., Springer, LNCS, vol. 1355, pp. 161–167 (1997).

  18. Lyubashevsky V.: Lattice signatures without trapdoors. In: [23], pp 738–755, (2012)https://doi.org/10.1007/978-3-642-29011-4_43.

  19. Micciancio D., Peikert C.: Trapdoors for lattices: Simpler, tighter, faster, smaller. In: [23], pp. 700–718, (2012)https://doi.org/10.1007/978-3-642-29011-4_41.

  20. Partha Sarathi R., Rui X., Kazuhide F., Shinsaku K., Kirill M., Tsuyoshi T.: RaCoSS: Random code-based signature scheme. Submission to NIST post-quantum standardization process (2017).

  21. Partha Sarathi R., Rui X., Kazuhide F., Shinsaku K., Kirill M., Tsuyoshi T.: Code-based signature scheme without trapdoors. IEICE Tech. Rep., vol. 118, no. 151, ISEC2018-15, pp. 17–22, (2018) https://www.ieice.org/ken/paper/20180725L1FF/eng/.

  22. Persichetti, E.: Efficient digital signatures from coding theory. Cryptology ePrint Archive, Report 2017/397, (2017) http://eprint.iacr.org/2017/397.

  23. Pointcheval D., Johansson T. (eds.): EUROCRYPT 2012, LNCS, vol. 7237. Springer, Heidelberg (2012).

  24. Santini P., Baldi M., Chiaraluce F.: Cryptanalysis of a one-time code-based digital signature scheme. (2018) CoRR arXiv:1812.03286.

  25. Schnorr C.P.: Efficient identification and signatures for smart cards. In: Brassard G (ed) CRYPTO’89, Springer, Heidelberg, LNCS, vol. 435, pp. 239–252, (1990) https://doi.org/10.1007/0-387-34805-0_22.

  26. Shor P.W.: Polynomial-time algorithms for prime factorization and discrete logarithms on a quantum computer. SIAM J Comput. 26(5), 1484–1509 (1997). https://doi.org/10.1137/S0097539795293172.

    Article  MathSciNet  MATH  Google Scholar 

  27. Song Y., Huang X., Mu Y., Wu W.: A new code-based signature scheme with shorter public key. Cryptology ePrint Archive, Report 2019/053, (2019) https://eprint.iacr.org/eprint-bin/getfile.pl?entry=2019/053&version=20190125:204017&file=053.pdf.

  28. Xagawa K.: Practical attack on racoss-r. Cryptology ePrint Archive, Report 2018/831, (2018) https://eprint.iacr.org/2018/831.

Download references

Author information

Authors and Affiliations

  1. XLIM-MATHIS, University of Limoges, Limoges, France

    Nicolas Aragon, Olivier Blazy & Philippe Gaborit

  2. École Nationale de l’Aviation Civile, Federal University of Toulouse, Toulouse, France

    Jean-Christophe Deneuville

  3. Temasek Laboratories, National University of Singapore, Singapore, Singapore

    Terry Shue Chien Lau & Chik How Tan

  4. NTT Secure Platform Laboratories, Tokyo, Japan

    Keita Xagawa

Authors
  1. Nicolas Aragon
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Olivier Blazy
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Jean-Christophe Deneuville
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Philippe Gaborit
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Terry Shue Chien Lau
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Chik How Tan
    View author publications

    You can also search for this author in PubMed Google Scholar

  7. Keita Xagawa
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Jean-Christophe Deneuville.

Additional information

Communicated by R. Steinwandt.

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

This work was partially supported by the French DGA.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Aragon, N., Blazy, O., Deneuville, JC. et al. Cryptanalysis of a rank-based signature with short public keys. Des. Codes Cryptogr. 88, 643–653 (2020). https://doi.org/10.1007/s10623-019-00702-0

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10623-019-00702-0

Keywords

Mathematics Subject Classification

Search

Navigation