A Survey on Exotic Signatures for Post-quantum Blockchain: Challenges and Research Directions
Blockchain technology provides efficient and secure solutions to various online activities by utilizing a wide range of cryptographic tools. In this article, we survey the existing literature on post-quantum secure digital signatures that possess exotic advanced features and that are crucial cryptographic tools used in the blockchain ecosystem for (1) account management, (2) consensus efficiency, (3) empowering scriptless blockchain, and (4) privacy. The exotic signatures that we particularly focus on in this work are the following: multi-/aggregate, threshold, adaptor, blind, and ring signatures. Herein the term "exotic" refers to signatures with properties that are not just beyond the norm for signatures, e.g., unforgeability, but also imbue new forms of functionalities. Our treatment of such exotic signatures includes discussions on existing challenges and future research directions in the post-quantum space. We hope that this article will help to foster further research to make post-quantum cryptography more accessible so that blockchain systems can be made ready in advance of the approaching quantum threats.
VDOO: A Short, Fast, Post-Quantum Multivariate Digital Signature Scheme
Hard lattice problems are predominant in constructing post-quantum cryptosystems. However, we need to continue developing post-quantum cryptosystems based on other quantum hard problems to prevent a complete collapse of post-quantum cryptography due to a sudden breakthrough in solving hard lattice problems. Solving large multivariate quadratic systems is one such quantum hard problem.

Unbalanced Oil-Vinegar is a signature scheme based on the hardness of solving multivariate equations. In this work, we present a post-quantum digital signature algorithm VDOO (Vinegar-Diagonal-Oil-Oil) based on solving multivariate equations. We introduce a new layer called the diagonal layer over the oil-vinegar-based signature scheme Rainbow. This layer helps to improve the security of our scheme without increasing the parameters considerably. Due to this modification, the complexity of the main computational bottleneck of multivariate quadratic systems, i.e., Gaussian elimination, reduces significantly, making our scheme one of the fastest multivariate quadratic signature schemes. Further, we show that our carefully chosen parameters can resist all existing state-of-the-art attacks. The signature sizes of our scheme for the National Institute of Standards and Technology's security levels I, III, and V are 96, 226, and 316 bytes, respectively. This is the smallest signature size among all known post-quantum signature schemes of similar security.
Quantum Resistant Authenticated Key Exchange for OPC UA using Hybrid X.509 Certificates
While the current progress in quantum computing opens new opportunities in a wide range of scientific fields, it poses a serious threat to today's asymmetric cryptography. New quantum resistant primitives are already available but under active investigation. To avoid the risk of deploying immature schemes we combine them with well-established classical primitives into hybrid schemes, thus hedging our bets. Because quantum resistant primitives have higher resource requirements, the transition to them will affect resource constrained IoT devices in particular. We propose two modifications for the authenticated key establishment process of the industrial machine-to-machine communication protocol OPC UA to make it quantum resistant. Our first variant is based on Kyber for the establishment of shared secrets and uses either Falcon or Dilithium for digital signatures in combination with classical RSA. The second variant is solely based on Kyber in combination with classical RSA. We modify existing open-source software (open62541, mbedTLS) to integrate our two proposed variants and perform various performance measurements.
A tight security reduction in the quantum random oracle model for code-based signature schemes
Quantum secure signature schemes have received a lot of attention recently, in particular because of the NIST call to standardize quantum safe cryptography. However, only a few signature schemes can have concrete quantum security because of technical difficulties associated with the Quantum Random Oracle Model (QROM). In this paper, we show that code-based signature schemes based on the full domain hash paradigm can behave very well in the QROM, i.e., that we can have tight security reductions. We also study quantum algorithms related to the underlying code-based assumption. Finally, we apply our reduction to a concrete example: the SURF signature scheme. We provide parameters for 128 bits of quantum security in the QROM and show that the obtained parameters are competitive compared to other similar quantum secure signature schemes.
Envisioning the Future of Cyber Security in Post-Quantum Era: A Survey on PQ Standardization, Applications, Challenges and Opportunities
The rise of quantum computers exposes vulnerabilities in current public key cryptographic protocols, necessitating the development of secure post-quantum (PQ) schemes. Hence, we conduct a comprehensive study on various PQ approaches, covering constructional design and structural vulnerabilities, and offering security assessments, implementation evaluations, and a particular focus on side-channel attacks. We analyze global standardization processes, evaluate their metrics in relation to real-world applications, and primarily focus on standardized PQ schemes, selected additional signature competition candidates, and PQ-secure cutting-edge schemes beyond standardization. Finally, we present visions and potential future directions for a seamless transition to the PQ era.
Under Quantum Computer Attack: Is Rainbow a Replacement of RSA and Elliptic Curves on Hardware?
Among cryptographic systems, multivariate signature is one of the most popular candidates since it has the potential to resist quantum computer attacks. Rainbow belongs to the multivariate signature family, and can be viewed as a multilayer unbalanced Oil-Vinegar system. In this paper, we present techniques to exploit Rainbow signature on hardware meeting the requirements of efficient high-performance applications. We propose a general architecture for efficient hardware implementations of Rainbow and enhance our design in three directions. First, we present a fast inversion based on binary trees. Second, we present an efficient multiplication based on compact construction in composite fields. Third, we present a parallel solving system of linear equations based on Gauss-Jordan elimination. Via other minor optimizations and by integrating the major improvements above, we implement our design in composite fields on standard cell CMOS Application Specific Integrated Circuits (ASICs). The experimental results show that our implementation takes 4.9 µs and 242 clock cycles to generate a Rainbow signature at a frequency of 50 MHz. Comparison results show that our design is more efficient than the RSA and ECC implementations.
Fuzzy matching template attacks on multivariate cryptography: a case study
Multivariate cryptography is one of the most promising candidates for post-quantum cryptography. Applying machine learning techniques in this paper, we experimentally investigate the side-channel security of multivariate cryptosystems, which seriously threatens the hardware implementations of cryptographic systems. Generally, registers are required to store values of monomials and polynomials during the encryption of multivariate cryptosystems. Based on maximum-likelihood and fuzzy matching techniques, we propose a template-based least-square technique to efficiently exploit the side-channel leakage of registers. Using QUAD for a case study, which is a typical multivariate cryptosystem with provable security, we perform our attack against both serial and parallel QUAD implementations on field programmable gate array (FPGA). Experimental results show that our attacks on both serial and parallel implementations require only about 30 and 150 power traces, respectively, to successfully reveal the secret key with a success rate close to 100%. Finally, efficient and low-cost strategies are proposed to resist side-channel attacks.
A Survey on Exotic Signatures for Post-Quantum Blockchain: Challenges & Research Directions
Blockchain technology provides efficient and secure solutions to various online activities by utilizing a wide range of cryptographic tools. In this paper, we survey the existing literature on post-quantum secure digital signatures that possess exotic advanced features and which are crucial cryptographic tools used in the blockchain ecosystem for (i) account management, (ii) consensus efficiency, (iii) empowering scriptless blockchain, and (iv) privacy. The exotic signatures that we particularly focus on in this work are the following: multi-/aggregate, threshold, adaptor, blind and ring signatures. Herein the term "exotic" refers to signatures with properties which are not just beyond the norm for signatures, e.g., unforgeability, but also imbue new forms of functionalities. Our treatment of such exotic signatures includes discussions on existing challenges and future research directions in the post-quantum space. We hope that this article will help to foster further research to make post-quantum cryptography more accessible so that blockchain systems can be made ready in advance of the approaching quantum threats.
Performance of Hybrid Signatures for Public Key Infrastructure Certificates
The modern public key infrastructure (PKI) model relies on digital signature algorithms to provide message authentication, data integrity, and non-repudiation. To provide this, digital signature algorithms, like most cryptographic schemes, rely on a mathematical hardness assumption for provable security. As we transition into a post-quantum era, the hardness assumptions used by traditional digital signature algorithms are increasingly at risk of being solvable in polynomial time. This renders the entirety of public key cryptography, including digital signatures, vulnerable to being broken. Hybrid digital signature schemes represent a potential solution to this problem. In this thesis, we provide the first test implementation of true hybrid signature algorithms. We evaluate the viability and performance of several hybrid signature schemes against traditional hybridization techniques via standalone cryptographic operations. Finally, we explore how hybrid signatures can be integrated into existing X.509 digital certificates and examine their performance by integrating both into the Transport Layer Security 1.3 protocol.
Outstanding Thesis. Gunnery Sergeant, United States Marine Corps. Approved for public release; distribution is unlimited.