Code-based Identification and Signature Schemes

In an age of explosive growth of digital communications and electronic data storage, cryptography plays an integral role in our society. Some examples of daily use of cryptography are software updates, e-banking, electronic commerce, ATM cards, etc. The security of most currently used cryptosystems relies on the hardness of the factorization and discrete logarithm problems. However, in 1994 Peter Shor discovered polynomial-time algorithms for prime factorization and discrete logarithms on a quantum computer. Therefore, it is of extreme importance to develop cryptosystems that remain secure even when the adversary has access to a quantum computer; such systems are called post-quantum cryptosystems. One promising candidate is based on codes; in this thesis we focus more specifically on code-based identification and signature schemes. Public key identification schemes are typically applied in cryptography to reach the goal of entity authentication. Their applications include authentication and access control services such as remote login, credit card purchases and many others. One of the most well-known systems of this kind is the zero-knowledge identification scheme introduced in Crypto 1993 by Stern. It is very fast compared to schemes based on number-theoretic problems since it involves only simple and efficiently executable operations. However, its main drawbacks are the high communication complexity and the large public key size, that makes it impractical for many applications. Our first contribution addresses these drawbacks by taking a step towards reducing communication complexity and public key size simultaneously. To this end, we propose a novel zero-knowledge five-pass identification scheme which improves on Stern's scheme. It reduces the communication complexity by a factor of 25 % compared to Stern's one. Moreover, we obtain a public key of size of 4 KB, whereas Stern's scheme requires 15 KB for the same level of security. To the best of our knowledge, there is no code-based identification scheme with better performance than our proposal using random codes. Our second contribution consists of extending one of the most important paradigms in cryptography, namely the one by Fiat and Shamir. In doing so, we enlarge the class of identification schemes to which the Fiat-Shamir transform can be applied. Additionally, we put forward a generic methodology for proving the security of signature schemes derived from this class of identification schemes. We exemplify our extended paradigm and derive a provably secure signature scheme based on our proposed five-pass identification scheme. In order to contribute to the development of post-quantum schemes with additional features, we present an improved code-based threshold ring signature scheme using our two previous results. Our proposal has a shorter signature length and a smaller public-key size compared to Aguilar et al.'s scheme, which is the reference in this area

Efficient implementation of code-based identification/signatures schemes

International audienceIn this paper we present efficient implementations of several code-based identification schemes, namely the Stern scheme, the Véron scheme and the Cayrel-Véron-El Yousfi scheme. For a security of 80 bits, we obtain a signature in respectively 1.048 ms, 0.987 ms and 0.594 ms

Code-based Identification and Signature Schemes

In an age of explosive growth of digital communications and electronic data storage, cryptography plays an integral role in our society. Some examples of daily use of cryptography are software updates, e-banking, electronic commerce, ATM cards, etc. The security of most currently used cryptosystems relies on the hardness of the factorization and discrete logarithm problems. However, in 1994 Peter Shor discovered polynomial-time algorithms for prime factorization and discrete logarithms on a quantum computer. Therefore, it is of extreme importance to develop cryptosystems that remain secure even when the adversary has access to a quantum computer; such systems are called post-quantum cryptosystems. One promising candidate is based on codes; in this thesis we focus more specifically on code-based identification and signature schemes. Public key identification schemes are typically applied in cryptography to reach the goal of entity authentication. Their applications include authentication and access control services such as remote login, credit card purchases and many others. One of the most well-known systems of this kind is the zero-knowledge identification scheme introduced in Crypto 1993 by Stern. It is very fast compared to schemes based on number-theoretic problems since it involves only simple and efficiently executable operations. However, its main drawbacks are the high communication complexity and the large public key size, that makes it impractical for many applications. Our first contribution addresses these drawbacks by taking a step towards reducing communication complexity and public key size simultaneously. To this end, we propose a novel zero-knowledge five-pass identification scheme which improves on Stern's scheme. It reduces the communication complexity by a factor of 25 % compared to Stern's one. Moreover, we obtain a public key of size of 4 KB, whereas Stern's scheme requires 15 KB for the same level of security. To the best of our knowledge, there is no code-based identification scheme with better performance than our proposal using random codes. Our second contribution consists of extending one of the most important paradigms in cryptography, namely the one by Fiat and Shamir. In doing so, we enlarge the class of identification schemes to which the Fiat-Shamir transform can be applied. Additionally, we put forward a generic methodology for proving the security of signature schemes derived from this class of identification schemes. We exemplify our extended paradigm and derive a provably secure signature scheme based on our proposed five-pass identification scheme. In order to contribute to the development of post-quantum schemes with additional features, we present an improved code-based threshold ring signature scheme using our two previous results. Our proposal has a shorter signature length and a smaller public-key size compared to Aguilar et al.'s scheme, which is the reference in this area

Dual Construction of Stern-based Signature Schemes

In this paper, we propose a dual version of the first identity-based scheme based on error-correcting code proposed by Cayrel et.al. Our scheme combines the McEliece signature and the Véron zero-knowledge identification scheme, which provide better computation complexity than the Stern one. We also propose a generalization of the Véron identification scheme in order to build a threshold ring signature scheme, which is secure in the random oracle model and has the advantage to reduce the computation complexity as well as the size of storage

A zero-knowledge identification scheme based on the q-ary Syndrome Decoding problem

At CRYPTO’93, Stern proposed a 3-pass code-based identification scheme with a cheating probability of 2/3. In this paper, we propose a 5-pass code-based protocol with a lower communication complexity, allowing an impersonator to succeed with only a probability of 1/2. Furthermore, we propose to use double-circulant construction in order to dramatically reduce the size of the public key. The proposed scheme is zero-knowledge and relies on an NP-complete coding theory problem (namely the q-ary Syndrome Decoding problem). The parameters we suggest for the instantiation of this scheme take into account a recent study of (a generalization of) Stern’s information set decoding algorithm, applicable to linear codes over arbitrary fields Fq; the public data of our construction is then 4 Kbytes, whereas that of Stern’s scheme is 15 Kbytes for the same level of security. This provides a very practical identification scheme which is especially attractive for light-weight cryptography

Improved Identity-Based Identification and Signature Schemes Using Quasi-Dyadic Goppa Codes

In this paper, we present an improved version of an identity-based identification scheme based on error-correcting codes. Our scheme combines the Courtois-Finiasz-Sendrier signature scheme using quasi-dyadic codes (QD-CFS) proposed in [2] and the identification scheme by Stern [18]. Following the construction proposed in [5], we obtain an identity-based identification scheme which has the advantage to reduce a public data size, the communication complexity and the signature length