3 research outputs found
A Modified pqsigRM: RM Code-Based Signature Scheme
We propose a novel signature scheme based on a modified Reed--Muller (RM) code, which reduces the signing complexity and key size compared to existing code-based signature schemes. This cheme is called as the modified pqsigRM, and corresponds to an improvement of pqsigRM, the proposal submitted to NIST. Courtois, Finiasz, and Sendrier (CFS) proposed a code-based signature scheme using the Goppa codes based on a full domain hash approach. However, owing to the properties of Goppa codes, the CFS signature scheme has drawbacks such as signing complexity and large key size. We overcome these disadvantages of the CFS signature scheme using partially permuted RM code and its decoding, which finds a near codeword for any received vector. Using a partially permuted RM code, the signature scheme resists various known attacks on the RM code-based cryptography. Additionally, we further modify the RM codes by row insertion/deletion of the generator matrix and thereafter resolve the problems reported in the post-quantum cryptography forum by NIST, such as the Hamming weight distribution of the public code
Enhanced pqsigRM: Code-Based Digital Signature Scheme with Short Signature and Fast Verification for Post-Quantum Cryptography
We present a novel code-based digital signature scheme, called
Enhanced pqsigRM for post-quantum cryptography (PQC). This scheme
is based on modified Reed–Muller (RM) codes, which modified RM codes
with several security problems. Enhanced pqsigRM is a strengthened version
of pqsigRM, which was submitted to NIST PQC standardization in
round 1. The proposed scheme has the advantage of short signature size,
fast verification cycles. For 128 bits of classical security, the signature
size of the proposed scheme is 1032 bytes, which corresponds to 0.42
times that of Crystals-Dilithium, and the number of median verification
cycles is 235,656, which is smaller than that of Crystals-Dilithium.
Also, we use public codes, called modified RM codes, that are more difficult
to distinguish from random codes. We use (U,U + V )-codes with
high-dimensional hull to make these. Using modified RM codes, the proposed
signature scheme resists various known attacks on RM-code-based
cryptography. The proposed decoder samples from coset elements with
small Hamming weight for any given syndrome and efficiently finds such
elements