Paper 2024/815
Faster verifications and smaller signatures: Trade-offs for ALTEQ using rejections
Abstract
In this paper, we introduce a new probability function parameter in the instantiations of the Goldreich-Micali-Wigderson protocol with Fiat-Shamir and unbalanced challenges used in ALTEQ, a recent NIST PQC candidate in the call for additional signatures. Setting this probability to 100% leaves the scheme unchanged, but setting it below 100% modifies the public challenge generation process by injecting potential rejections of otherwise completely valid inputs. From a theoretical point of view, this does not improve the asymptotic hardness of the scheme, negatively affects the efficiency of the signatory, and might itself seem trivial. However, from a practical point of view, implementation-wise and performance-wise, this triviality allows an extra degree of freedom in optimizing parameters, as the heuristic security level is also increased against forgers: previously valid combinations can now be deemed invalid. This allows us to make trade-offs that reduce the computational load on verifiers, accelerating verifications, and marginally reduce the signature size, at the cost of making signing slower and unlikely to be constant-time. In particular, this extra degree of freedom allows implementation choices that enable smoother and faster executions of the aforementioned protocols, especially in the context of parallelization using vectorized instructions. We also demonstrate the usefulness of our proposal to ALTEQ for other options, when slowing down the signing process is not an issue: significantly smaller signatures but longer verifications, or lower public key sizes. The ideas presented apply to any primitive, and can be used beyond ALTEQ.
Metadata
- Category
- Public-key cryptography
- Publication info
- Published elsewhere. ACISP 2024
- Keywords
- Post-Quantum Cryptography, Signature scheme, AVX2
- Contact author(s)
- ar-sipasseuth @ kddi-research jp
- History
- 2024-05-27: approved
- 2024-05-26: received
- Short URL
- https://ia.cr/2024/815
- License
- CC BY
BibTeX
@misc{cryptoeprint:2024/815,
  author = {Arnaud Sipasseuth},
  title = {Faster verifications and smaller signatures: Trade-offs for {ALTEQ} using rejections},
  howpublished = {Cryptology {ePrint} Archive, Paper 2024/815},
  year = {2024},
  url = {https://eprint.iacr.org/2024/815}
}