Paper 2022/1184

On digital signatures based on isomorphism problems: QROM security, ring signatures, and applications

Markus Bläser, Saarland University
Zhili Chen, University of Technology Sydney
Dung Hoang Duong, University of Wollongong
Antoine Joux, Helmholtz Center for Information Security
Ngoc Tuong Nguyen, University of Wollongong
Thomas Plantard, Nokia Bell Labs
Youming Qiao, University of Technology Sydney
Willy Susilo, University of Wollongong
Gang Tang, University of Technology Sydney

An isomorphism problem asks whether two combinatorial or algebraic structures are essentially the same. Based on the assumed hardness of an isomorphism problem, there is a well-known digital signature design based on the Goldreich-Micali-Widgerson (GMW) zero-knowledge protocol for graph isomorphism and the Fiat-Shamir (FS) transformation. Recently, there is a revival of activities on this design, as witnessed by the schemes SeaSign (Eurocrypt 2019), CSIFiSh (Asiacrypt 2019), LESS (Africacrypt 2020), ATFE (Eurocrypt 2022), and MEDS (Africacrypt 2023). The contributions of this paper are two-folds: the first is about the GMW-FS design in general, and the second is on the ATFE-GMW-FS scheme. First, we study the QROM security and ring signatures of the GMW-FS design in the group action framework. We distil properties of the underlying isomorphism problem for the GMW-FS design to be secure in the quantum random oracle model (QROM). We also show that this design supports a linkable ring signature construction following the work of Beullens, Katsumata and Pintore (Asiacrypt 2020). Second, we apply the above results to prove the security of the ATFE-GMW-FS scheme in the QROM model. We then describe a linkable ring signature scheme based on it, and provide an implementation of the ring signature scheme. Preliminary experiments suggest that our scheme is competitive among existing post-quantum ring signatures. We also discuss the parameter choices of the ATFE-GMW-FS scheme based on the recent attack by Beullens (Cryptology ePrint Archive, Paper 2022/1528), and the MPC-in-the-head construction for general group actions by Joux (Cryptology ePrint Archive, Paper 2023/664).

Available format(s)
Public-key cryptography
Publication info
QROMalternating trilinear formsring signaturesdigital signaturesisomorphism problems
Contact author(s)
mblaeser @ cs uni-saarland de
zhili chen @ student uts edu au
hduong @ uow edu au
joux @ cispa de
ntn807 @ uowmail edu au
thomas plantard @ nokia-bell-labs com
Youming Qiao @ uts edu au
wsusilo @ uow edu au
gang tang-1 @ student uts edu au
2023-06-02: last of 2 revisions
2022-09-09: received
See all versions
Short URL
Creative Commons Attribution


      author = {Markus Bläser and Zhili Chen and Dung Hoang Duong and Antoine Joux and Ngoc Tuong Nguyen and Thomas Plantard and Youming Qiao and Willy Susilo and Gang Tang},
      title = {On digital signatures based on isomorphism problems: QROM security, ring signatures, and applications},
      howpublished = {Cryptology ePrint Archive, Paper 2022/1184},
      year = {2022},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.