Paper 2024/815

Faster verifications and smaller signatures: Trade-offs for ALTEQ using rejections

Arnaud Sipasseuth, KDDI Research (Japan)
Abstract

In this paper, we introduce a new probability function parameter in the instantiations of the Goldreich-Micali-Wigderson with Fiat-Shamir and unbalanced challenges used in ALTEQ, a recent NIST PQC candidate in the call for additional signatures. This probability set at 100% does not bring any changes in the scheme, but modifies the public challenge generation process when below 100%, by injecting potential rejections in otherwise completely valid inputs. From a theoretical point of view, this does not improve the asymptotical hardness of the scheme and negatively affects the efficiency of the signatory, and might itself seem trivial. However, from a practical point of view, implementation-wise and performance-wise, this triviality allows an extra degree of freedom in optimizing parameters, as the heuristic security level is also increased against forgers: previously valid combinations now can be deemed invalid. This allows us to make trade-offs to reduce the computational load in verifiers, accelerating verifications, marginally reduce the signature size, at the cost of making signatures slower and unlikely to be constant-time. In particular, this extra degree of freedom allows to make implementation choices that enable smoother and faster executions of the aforementioned protocols, especially in the context of parallelization using vectorized instructions. We also demonstrate the usefulness of our proposal to ALTEQ for other options, when slowing down the signing process is not an issue: significantly smaller signatures but longer verifications, or lower public key sizes. The ideas presented apply to any primitive, and can be used beyond ALTEQ.

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
Published elsewhere. ACISP 2024
Keywords
Post-Quantum CryptographySignature schemeAVX2
Contact author(s)
ar-sipasseuth @ kddi-research jp
History
2024-05-27: approved
2024-05-26: received
See all versions
Short URL
https://ia.cr/2024/815
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2024/815,
      author = {Arnaud Sipasseuth},
      title = {Faster verifications and smaller signatures: Trade-offs for {ALTEQ} using rejections},
      howpublished = {Cryptology {ePrint} Archive, Paper 2024/815},
      year = {2024},
      url = {https://eprint.iacr.org/2024/815}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.