preprint IACR disponible sur https://eprint.iacr.org/2018/996/20181022:154324We present here Wave the first "hash-and-sign" code-based signature scheme which strictly follows the GPV strategy [GPV08]. It uses the family of ternary generalized (U, U + V) codes. We prove that Wave achieves existential unforgeability under adaptive chosen message attacks (EUF-CMA) in the random oracle model (ROM) with a tight reduction to two assumptions from coding theory: one is a distinguishing problem that is related to the trapdoor we insert in our scheme, the other one is DOOM, a multiple target version of syndrome decoding. The algorithm produces uniformly distributed signatures through a suitable rejection sampling. Our scheme enjoys efficient signature and verification algorithms. For 128 bits of classical security, signature are 8 thousand bits long and the public key size is slightly smaller than one megabyte. Furthermore, with our current choice of parameters, the rejection rate is limited to one rejection every 3 or 4 signatures
