Proposing a method to design secure digital signature scheme on the ring structure Zn

Abstract—In this paper, we propose a method to design signature scheme on ring structure with residual classes modulo composite. At the same time, we develop several new digital signature schemes that are more secure, with faster signature generation than ElGamal digital signature scheme and its variants. Furthermore, our proposed signature scheme has overcome some weaknesses of some published signature scheme of the same type, which are built on ring structure. Tóm tắt—Trong bài báo này, chúng tôi đề xuất một phương pháp thiết kế lược đồ chữ ký trên cấu trúc vành các lớp thặng dự theo modulo hợp số, đồng thời phát triển một số lược đồ chữ ký số mới an toàn hơn, tốc độ sinh chữ ký nhanh hơn so với lược đồ chữ ký số ElGamal cùng với những biến thể của nó. Hơn nữa, lược đồ chữ ký do chúng tôi đề xuất cũng khắc phục được một số nhược điểm của một số lược đồ chữ ký cùng loại, được xây dựng trên cấu trúc vành.

A digital signature scheme $\mathrm{mCFS}^{\mathrm{QC{-}LDPC}}$ based on $\mathrm{QC}$-$\mathrm{LDPC}$ codes

Предлагается заменить коды Гоппы кодами $\mathrm{QC}$-$\mathrm{LDPC}$ в схеме электронной подписи $\mathrm{mCFS}$. Это дает значительное (в среднем в $50$ раз) сокращение размеров открытых ключей без потери стойкости. Используется такая же теоретическая модель, как для схемы $\mathrm{mCFS}$. Обсуждаются возможности использования ряда известных методов для атаки на хэш-функцию и на процедуру выработки открытого/закрытого ключей. Предложены наборы параметров для нескольких уровней стойкости, например $80$-битовый уровень стойкости достижим с открытым ключом размера $\approx 1.82$ KB, $128$-битовый уровень стойкости - с ключом $\approx 3.87$ KB и $256$-битовый уровень стойкости - с ключом $\approx 13.88$ KB.

Double-authentication-preventing signatures in the standard model

A double-authentication preventing signature (DAPS) scheme is a digital signature scheme equipped with a self-enforcement mechanism. Messages consist of an address and a payload component, and a signer is penalized if she signs two messages with the same addresses but different payloads. The penalty is the disclosure of the signer’s signing key. Most of the existing DAPS schemes are proved secure in the random oracle model (ROM), while the efficient ones in the standard model only support address spaces of polynomial size. We present DAPS schemes that are efficient, secure in the standard model under standard assumptions and support large address spaces. Our main construction builds on vector commitments (VC) and double-trapdoor chameleon hash functions (DCH). We also provide a DAPS realization from Groth–Sahai (GS) proofs that builds on a generic construction by Derler et al., which they instantiate in the ROM. The GS-based construction, while less efficient than our main one, shows that a general yet efficient instantiation of DAPS in the standard model is possible. An interesting feature of our main construction is that it can be easily modified to guarantee security even in the most challenging setting where no trusted setup is provided. To the best of our knowledge, ours seems to be the first construction achieving this in the standard model.

Digital Signature Scheme with Hidden Group Possessing Two-Dimensional Cyclicity

A method is proposed for constructing digital signature schemes based on the hidden discrete logarithm problem, which meet ageneral criterion of post-quantum resistance. The method provides a relatively small size of the public key and signature. Based on the method, a practical digital signature scheme has been developed, in which the exponentiation operation in a hidden group with two-dimensional cyclicity is the basic cryptographic primitive. The algebraic support of a cryptoscheme is a four-dimensional finite non-commutative algebra with associative multiplication operation. By specifying algebra using abasis vector multiplication table with half of empty cells, the performance of signature generation and authentication procedures is improved. A public key is a triple of four-dimensional vectors calculated as images of elements of a hidden group which are mapped using two types of masking operations: 1) mutually commutative with the exponentiation operation and 2) not having this property.

Applications of SKREM-Like Symmetric Key Ciphers

In a prior paper we introduced a new symmetric key encryption scheme called Short Key Random Encryption Machine (SKREM), for which we claimed excellent security guarantees. In this paper we present and briefly discuss how some other cryptographic applications besides plain text encryption can benefit from the same security guarantees. We task ourselves with and succeed in showing how Secure Coin Flipping, Cryptographic Hashing, Zero-Leaked-Knowledge Authentication and Authorization and a Digital Signature scheme which can be employed on a block-chain, can all be achieved using SKREM-like ciphers, benefiting from their security guarantees. We also briefly recap SKREMlike ciphers and the core traits which make them so secure. The realizations of the above applications are novel because they do not involve public key cryptography. Furthermore, the security of SKREMlike ciphers is not based on hardness of some algebraic operations, thus not opening them up to specific quantum computing attacks.

On the Tight Security of TLS 1.3: Theoretically Sound Cryptographic Parameters for Real-World Deployments

We consider the theoretically sound selection of cryptographic parameters, such as the size of algebraic groups or RSA keys, for TLS 1.3 in practice. While prior works gave security proofs for TLS 1.3, their security loss is quadratic in the total number of sessions across all users, which due to the pervasive use of TLS is huge. Therefore, in order to deploy TLS 1.3 in a theoretically sound way, it would be necessary to compensate this loss with unreasonably large parameters that would be infeasible for practical use at large scale. Hence, while these previous works show that in principle the design of TLS 1.3 is secure in an asymptotic sense, they do not yet provide any useful concrete security guarantees for real-world parameters used in practice. In this work, we provide a new security proof for the cryptographic core of TLS 1.3 in the random oracle model, which reduces the security of TLS 1.3 tightly (that is, with constant security loss) to the (multi-user) security of its building blocks. For some building blocks, such as the symmetric record layer encryption scheme, we can then rely on prior work to establish tight security. For others, such as the RSA-PSS digital signature scheme currently used in TLS 1.3, we obtain at least a linear loss in the number of users, independent of the number of sessions, which is much easier to compensate with reasonable parameters. Our work also shows that by replacing the RSA-PSS scheme with a tightly secure scheme (e.g., in a future TLS version), one can obtain the first fully tightly secure TLS protocol. Our results enable a theoretically sound selection of parameters for TLS 1.3, even in large-scale settings with many users and sessions per user.

A post-quantum digital signature scheme on groups with four-dimensional cyclicity

Introduction: Development of practical post-quantum signature schemes is a current challenge in the applied cryptography. Recently, several different forms of the hidden discrete logarithm problem were proposed as primitive signature schemes resistant to quantum attacks. Purpose: Development of a new form of the hidden discrete logarithm problem set in finite commutative groups possessing multi-dimensional cyclicity, and a method for designing post-quantum signature schemes. Results: A new form of the hidden discrete logarithm problem is introduced as the base primitive of practical post-quantum digital signature algorithms. Two new four-dimensional finite commutative associative algebras have been proposed as algebraic support for the introduced computationally complex problem. A method for designing signature schemes on the base of the latter problem is developed. The method consists in using a doubled public key and two similar equations for the verification of the same signature. To generate a pair of public keys, two secret minimum generator systems <G, Q> and <H, V> of two different finite groups G<G, Q> and G<H, V> possessing two-dimensional cyclicity are selected at random. The first public key (Y, Z, U) is computed as follows: Y = Gy1Qy2a, Z = Gz1Qz2b, U = Gu1Qu2g, where the set of integers (y1, y2, a, z1, z2, b, u1, u2, g) is a private key. The second public key (Y¢, Z¢, U¢) is computed as follows: Y¢ = Hy1Vy2a, Z¢ = Hz1Vz2b, U¢ = Hu1Vu2g. Using the same parameters to calculate the corresponding elements belonging to different public keys makes it possible to calculate a single signature which satisfies two similar verification equations specified in different finite commutative associative algebras. Practical relevance: Due to a smaller size of the public key, private key and signature, as well as approximately equal performance as compared to the known analogues, the proposed digital signature scheme can be used in the development of post-quantum signature algorithms.