CryptoDB
Plover: Masking-Friendly Hash-and-Sign Lattice Signatures
| Authors: | Muhammed F. Esgin, Thomas Espitau, Guilhem Niot, Thomas Prest, Amin Sakzad, Ron Steinfeld |
|---|---|
| Presentation: | Slides |
| Conference: | EUROCRYPT 2024 |
| Abstract: | We introduce a toolkit for transforming lattice-based hash-and-sign signature schemes into masking-friendly signatures secure in the t-probing model. Until now, efficiently masking lattice-based hash-and-sign schemes was an open problem, with unsuccessful attempts such as Mitaka. Our toolkit includes noise flooding to mitigate statistical leaks and an extended Strong Non-Interfering probing security property (SNIu) for masking gadgets to handle unshared inputs. Our main conceptual contribution lies in finding a systematic way to use noise flooding within the hash-and-sign paradigm. Our main technical contribution is to formalize, prove, instantiate and implement a hash-and-sign scheme based on these techniques. We showcase the efficiency of our techniques in a signature scheme, Plover-RLWE, based on (hint) Ring-LWE. It is the first lattice-based masked hash-and-sign scheme with quasi-linear complexity O(d log d) in the number of shares d. Our performances are competitive with the state-of-the-art masking-friendly signature, the Fiat-Shamir scheme Raccoon. |
BibTeX
@inproceedings{eurocrypt-2024-33997,
title={Plover: Masking-Friendly Hash-and-Sign Lattice Signatures},
publisher={Springer-Verlag},
doi={10.1007/978-3-031-58754-2_12},
author={Muhammed F. Esgin and Thomas Espitau and Guilhem Niot and Thomas Prest and Amin Sakzad and Ron Steinfeld},
year=2024
}