scholarly journals Compact Dilithium Implementations on Cortex-M3 and Cortex-M4

2020 ◽  
pp. 1-24
Author(s):  
Denisa O. C. Greconici ◽  
Matthias J. Kannwischer ◽  
Daan Sprenkels
Keyword(s):  
Quantum Cryptography ◽  
Digital Signature ◽  
Flash Memory ◽  
Constant Time ◽  
Key Generation ◽  
Signature Scheme ◽  
Memory Footprint ◽  
Speed Up ◽  
Post Quantum Cryptography ◽  
Digital Signature Scheme

We present implementations of the lattice-based digital signature scheme Dilithium for ARM Cortex-M3 and ARM Cortex-M4. Dilithium is one of the three signature finalists of the NIST post-quantum cryptography competition. As our Cortex-M4 target, we use the popular STM32F407-DISCOVERY development board. Compared to the previous speed records on the Cortex-M4 by Ravi, Gupta, Chattopadhyay, and Bhasin we speed up the key operations NTT and NTT−1 by 20% which together with other optimizations results in speedups of 7%, 15%, and 9% for Dilithium3 key generation, signing, and verification respectively. We also present the first constant-time Dilithium implementation on the Cortex-M3 and use the Arduino Due for benchmarks. For Dilithium3, we achieve on average 2 562 kilocycles for key generation, 10 667 kilocycles for signing, and 2 321 kilocycles for verification.Additionally, we present stack consumption optimizations applying to both our Cortex- M3 and Cortex-M4 implementation. Due to the iterative nature of the Dilithium signing algorithm, there is no optimal way to achieve the best speed and lowest stack consumption at the same time. We present three different strategies for the signing procedure which allow trading more stack and flash memory for faster speed or viceversa. Our implementation of Dilithium3 with the smallest memory footprint uses less than 12kB. As an additional output of this work, we present the first Cortex-M3 implementations of the key-encapsulation schemes NewHope and Kyber.

scholarly journals CRYSTALS-Dilithium: A Lattice-Based Digital Signature Scheme

2018 ◽  
pp. 238-268 ◽  
Author(s):  
Léo Ducas ◽  
Eike Kiltz ◽  
Tancrède Lepoint ◽  
Vadim Lyubashevsky ◽  
Peter Schwabe ◽  
...  
Keyword(s):  
Digital Signature ◽  
Public Key ◽  
Signature Scheme ◽  
Running Time ◽  
Algebraic Lattices ◽  
Speed Up ◽  
Security Levels ◽  
Main Component ◽  
Digital Signature Scheme ◽  
Gaussian Sampling

In this paper, we present the lattice-based signature scheme Dilithium, which is a component of the CRYSTALS (Cryptographic Suite for Algebraic Lattices) suite that was submitted to NIST’s call for post-quantum cryptographic standards. The design of the scheme avoids all uses of discrete Gaussian sampling and is easily implementable in constant-time. For the same security levels, our scheme has a public key that is 2.5X smaller than the previously most efficient lattice-based schemes that did not use Gaussians, while having essentially the same signature size. In addition to the new design, we significantly improve the running time of the main component of many lattice-based constructions – the number theoretic transform. Our AVX2-based implementation results in a speed-up of roughly a factor of 2 over the previously best algorithms that appear in the literature. The techniques for obtaining this speed-up also have applications to other lattice-based schemes.

scholarly journals Improvement to Nyang-Song fast digital signature scheme

1997 ◽  
Vol 33 (22) ◽  
pp. 1861 ◽  
Author(s):  
Wei-Hua He ◽  
Tzong-Chen Wu
Keyword(s):  
Digital Signature ◽  
Signature Scheme ◽  
Digital Signature Scheme

scholarly journals Key Substitution Attacks on Lattice Signature Schemes Based on SIS Problem

2018 ◽  
Vol 2018 ◽  
pp. 1-13
Author(s):  
Youngjoo An ◽  
Hyang-Sook Lee ◽  
Juhee Lee ◽  
Seongan Lim
Keyword(s):  
Quantum Cryptography ◽  
Digital Signatures ◽  
Signature Scheme ◽  
Promising Candidate ◽  
Signature Schemes ◽  
Critical Requirement ◽  
Post Quantum Cryptography

The notion of key substitution security on digital signatures in the multiuser setting has been proposed by Menezes and Smart in 2004. Along with the unforgeability of signature, the key substitution security is very important since it is a critical requirement for the nonrepudiation and the authentication of the signature. Lattice-based signature is a promising candidate for post-quantum cryptography, and the unforgeability of each scheme has been relatively well studied. In this paper, we present key substitution attacks on BLISS, Lyubashevsky’s signature scheme, and GPV and thus show that these signature schemes do not provide nonrepudiation. We also suggest how to avoid key substitution attack on these schemes.

scholarly journals Digital signature scheme on the 2 x 2 matrix algebra

2021 ◽  
Vol 17 (3) ◽  
pp. 254-261
Author(s):  
Nikolay A. Moldovyan ◽  
◽  
Alexandr A. Moldovyan ◽  
Keyword(s):  
Digital Signature ◽  
High Performance ◽  
Matrix Algebra ◽  
Multiplicative Group ◽  
Discrete Logarithm ◽  
Signature Scheme ◽  
The Public ◽  
Signature Generation ◽  
Commutative Subalgebras ◽  
Digital Signature Scheme

The article considers the structure of the 2x2 matrix algebra set over a ground finite field GF(p). It is shown that this algebra contains three types of commutative subalgebras of order p2, which differ in the value of the order of their multiplicative group. Formulas describing the number of subalgebras of every type are derived. A new post-quantum digital signature scheme is introduced based on a novel form of the hidden discrete logarithm problem. The scheme is characterized in using scalar multiplication as an additional operation masking the hidden cyclic group in which the basic exponentiation operation is performed when generating the public key. The advantage of the developed signature scheme is the comparatively high performance of the signature generation and verification algorithms as well as the possibility to implement a blind signature protocol on its base.

Sign in / Sign up

Export Citation Format

Share Document