Paper 2018/056

SETLA: Signature and Encryption from Lattices

François Gérard and Keno Merckx

Abstract

In data security, the main objectives one tries to achieve are privacy, data integrity and authentication. In a public-key setting, privacy is reached through asymmetric encryption and both data integrity and authentication through signature. Meeting all the security objectives for data exchange requires to use a concatenation of those primitives in an encrypt-then-sign or sign-then-encrypt fashion. Signcryption aims at providing all the security requirements in one single primitive at a lower cost than using encryption and signature together. Most existing signcryption schemes are using ElGamal-based or pairing-based techniques and thus rely on the decisional Diffie-Hellman assumption. With the current growth of a quantum threat, we seek for post-quantum counterparts to a vast majority of public-key primitives. In this work, we propose a lattice-based signcryption scheme in the random oracle model inspired from a construction of Malone-Lee. It comes in two flavors, one integrating the usual lattice-based key exchange into the signature and the other merging the scheme with a RLWE encryption. Our instantiation is based on a ring version of the scheme of Bai and Galbraith as was done in ring-TESLA and TESLA$\sharp$. It targets 128 bits of classical security and offers a save in bandwidth over a naive concatenation of state-of-the-art key exchanges and signatures from the literature. Another lightweight instantiation derived from GLP is feasible but raises long-term security concerns since the base scheme is somewhat outdated.

Metadata
Available format(s)
PDF
Publication info
Preprint. MINOR revision.
Contact author(s)
fragerar @ ulb ac be
History
2018-07-01: revised
2018-01-16: received
See all versions
Short URL
https://ia.cr/2018/056
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2018/056,
      author = {François Gérard and Keno Merckx},
      title = {SETLA: Signature and Encryption from Lattices},
      howpublished = {Cryptology ePrint Archive, Paper 2018/056},
      year = {2018},
      note = {\url{https://eprint.iacr.org/2018/056}},
      url = {https://eprint.iacr.org/2018/056}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.