International Association for Cryptologic Research

International Association
for Cryptologic Research

CryptoDB

Paper: Sigma protocols for MQ, PKP and SIS, and fishy signature schemes

Authors:
Ward Beullens , imec-COSIC, KU Leuven
Download:
DOI: 10.1007/978-3-030-45727-3_7 (login may be required)
Search ePrint
Search Google
Conference: EUROCRYPT 2020
Abstract: This work presents sigma protocols to prove knowledge of: - a solution to a system of quadratic polynomials, - a solution to an instance of the Permuted Kernel Problem and - a witness for a variety of lattice statements (including SIS). Our sigma protocols have soundness error 1/q', where q' is any number bounded by the size of the underlying finite field. This is much better than existing proofs, which have soundness error 2/3 or (q'+1)/2q'. The prover and verifier time our proofs are O(q'). We achieve this by first constructing so-called sigma protocols with helper, which are sigma protocols where the prover and the verifier are assisted by a trusted third party, and then eliminating the helper from the proof with a "cut-and-choose" protocol. We apply the Fiat-Shamir transform to obtain signature schemes with security proof in the QROM. We show that the resulting signature schemes, which we call the "MUltivariate quaDratic FIat-SHamir" scheme (MUDFISH) and the "ShUffled Solution to Homogeneous linear SYstem FIat-SHamir" scheme (SUSHSYFISH), are more efficient than existing signatures based on the MQ problem and the Permuted Kernel Problem. Our proof system can be used to improve the efficiency of applications relying on (generalizations of) Stern's protocol. We show that the proof size of our SIS proof is smaller than that of Stern's protocol by an order of magnitude and that our proof is more efficient than existing post-quantum secure SIS proofs.
Video from EUROCRYPT 2020
BibTeX
@inproceedings{eurocrypt-2020-30207,
  title={Sigma protocols for MQ, PKP and SIS, and  fishy signature schemes},
  booktitle={39th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Zagreb, Croatia, May 10–14, 2020, Proceedings},
  series={Lecture Notes in Computer Science},
  publisher={Springer},
  keywords={Zero-Knowledge;Post-Quantum digital signatures;SIS;Multivariate cryptography;Permuted Kernel Problem;Silly acronyms},
  volume={12105},
  doi={10.1007/978-3-030-45727-3_7},
  author={Ward Beullens},
  year=2020
}