PKP-Based Signature Scheme

  • Conference paper
Progress in Cryptology – INDOCRYPT 2019 (INDOCRYPT 2019)

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 11898)

Abstract

In this document, we introduce PKP-DSS: a Digital Signature Scheme based on the Permuted Kernel Problem (PKP) [23]. PKP is a simple NP-hard [10] combinatorial problem that consists of finding a kernel vector of a publicly known matrix, such that the kernel vector is a permutation of a publicly known vector. This problem was used to develop an Identification Scheme (IDS) which has a very efficient implementation on low-cost smart cards. From this zero-knowledge identification scheme, we derive PKP-DSS with the traditional Fiat-Shamir transform [9]. Thus, PKP-DSS has a security that can be provably reduced, in the (classical) random oracle model, to the hardness of random instances of PKP (or, if wanted, to any specific family of PKP instances). We propose parameter sets following the thorough analysis of the state-of-the-art attacks on PKP presented in [17]. We show that PKP-DSS is competitive with other signatures derived from zero-knowledge identification schemes. In particular, PKP-DSS-128 gives a signature size of approximately 20 KBytes for 128 bits of classical security, which is approximately 30% smaller than MQDSS. Moreover, our proof-of-concept implementation shows that PKP-DSS-128 is an order of magnitude faster than MQDSS, which in its turn is faster than Picnic2, SPHINCS, ...

Since PKP is NP-hard and since there are no known quantum attacks for solving PKP significantly better than classical attacks, we believe that our scheme is post-quantum secure.
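To make the relation behind the scheme concrete, here is an added example (not code from the paper or from the PKPDSS repository): a toy PKP instance over a small prime field, the public check that a permuted vector lies in the kernel of the public matrix, and an exhaustive search over all n! permutations to show why the parameter sizes matter. The planting construction (random matrix with its last column solved for), the hand-built instance over F_7 and every parameter value are assumptions chosen for illustration, not the paper's key-generation procedure or parameter sets.

```python
"""Toy Permuted Kernel Problem (PKP): instance construction, verification and
exhaustive search.

Added example, not code from the paper or the PKPDSS repository.  The planting
construction (fixing the last column of A) and all sizes are illustrative choices.
"""
import itertools
import math
import random


def apply_perm(v, pi):
    """Return w with w[i] = v[pi[i]]; pi is a tuple of indices."""
    return tuple(v[j] for j in pi)


def matvec(A, w, p):
    """A * w over F_p, with A given as a tuple of row tuples."""
    return tuple(sum(a * x for a, x in zip(row, w)) % p for row in A)


def pkp_verify(A, v, pi, p):
    """Public PKP relation: does the permuted vector pi(v) lie in the kernel of A?

    A and v are public, pi is the secret; this is the relation a PKP-based
    identification scheme (and hence PKP-DSS) proves knowledge of.
    """
    return all(c == 0 for c in matvec(A, apply_perm(v, pi), p))


def gen_instance(p, m, n, rng):
    """Build a random m x n matrix A and vector v with a planted secret pi.

    The first n-1 entries of every row are random; the last entry is solved so
    that <row, pi(v)> = 0 mod p.  This needs pi(v)[-1] invertible mod p, so v
    and pi are resampled until that holds.  (Construction chosen for this
    example only.)
    """
    while True:
        v = tuple(rng.randrange(p) for _ in range(n))
        pi = list(range(n))
        rng.shuffle(pi)
        pi = tuple(pi)
        w = apply_perm(v, pi)
        if w[-1] != 0:
            break
    inv_last = pow(w[-1], -1, p)  # modular inverse (Python 3.8+)
    A = []
    for _ in range(m):
        row = [rng.randrange(p) for _ in range(n - 1)]
        partial = sum(a * x for a, x in zip(row, w)) % p
        row.append((-partial * inv_last) % p)  # forces <row, w> = 0 mod p
        A.append(tuple(row))
    return tuple(A), v, pi


def brute_force(A, v, p):
    """All permutations pi with pi(v) in ker(A): n! trials, feasible only for toy n.

    Heuristically a random permuted vector lands in the kernel with probability
    about p^-m, so besides the planted pi roughly n!/p^m spurious solutions
    exist; real parameter sets make n! far beyond exhaustive search.
    """
    n = len(v)
    return [pi for pi in itertools.permutations(range(n)) if pkp_verify(A, v, pi, p)]


# Hand-built toy instance over F_7 (constructed for this example):
# pi(v) = (2, 4, 1, 3), and A * (2, 4, 1, 3) = (2+4+0+15, 6+0+1+0) = (21, 7)
# = (0, 0) mod 7, while v itself gives A * v = (23, 6) = (2, 6) mod 7.
P_TOY = 7
A_TOY = ((1, 1, 0, 5), (3, 0, 1, 0))
V_TOY = (1, 2, 3, 4)
PI_TOY = (1, 3, 0, 2)


def demo(seed=2019, p=251, m=3, n=6):
    """Generate a seeded instance and report what exhaustive search finds."""
    rng = random.Random(seed)
    A, v, pi = gen_instance(p, m, n, rng)
    return {
        "planted_ok": pkp_verify(A, v, pi, p),
        "pi": pi,
        "solutions": brute_force(A, v, p),
        "search_space": math.factorial(n),
    }


if __name__ == "__main__":
    r = demo()
    print("planted permutation verifies:", r["planted_ok"])
    print("permutations tried:", r["search_space"], "solutions found:", len(r["solutions"]))
```

The verification step is the only part a verifier ever runs; the brute-force search exists purely to make the size of the permutation space tangible at toy parameters, where a few hundred permutations are enumerated in milliseconds, and to show that the planted permutation is always among the solutions.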

References

  1. Baritaud, T., Campana, M., Chauvaud, P., Gilbert, H.: On the security of the permuted kernel identification scheme. In: Brickell, E.F. (ed.) CRYPTO 1992. LNCS, vol. 740, pp. 305–311. Springer, Heidelberg (1993). https://doi.org/10.1007/3-540-48071-4_21

  2. Bennett, C.H., Bernstein, E., Brassard, G., Vazirani, U.: Strengths and weaknesses of quantum computing. SIAM J. Comput. 26(5), 1510–1523 (1997)

  3. The djbsort software library for sorting arrays of integers or floating-point numbers in constant time. https://sorting.cr.yp.to/

  4. Beullens, W.: PKPDSS. Public GitHub repository (2019). https://github.com/WardBeullens/PKPDSS

  5. Beullens, W.: On sigma protocols with helper for MQ and PKP, fishy signature schemes and more. Cryptology ePrint Archive, Report 2019/490 (2019). https://eprint.iacr.org/2019/490

  6. Chase, M., et al.: Post-quantum zero-knowledge and signatures from symmetric-key primitives. In: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, pp. 1825–1842. ACM, October 2017

  7. Chen, M.S., Hülsing, A., Rijneveld, J., Samardjiska, S., Schwabe, P.: MQDSS specifications (2018)

  8. Damgård, I.: Commitment schemes and zero-knowledge protocols. In: Damgård, I.B. (ed.) EEF School 1998. LNCS, vol. 1561, pp. 63–86. Springer, Heidelberg (1999). https://doi.org/10.1007/3-540-48969-X_3

  9. Fiat, A., Shamir, A.: How to prove yourself: practical solutions to identification and signature problems. In: Odlyzko, A.M. (ed.) CRYPTO 1986. LNCS, vol. 263, pp. 186–194. Springer, Heidelberg (1987). https://doi.org/10.1007/3-540-47721-7_12

  10. Garey, M.R., Johnson, D.S.: Computers and Intractability: A Guide to the Theory of NP-Completeness. W. H. Freeman, New York (1979)

  11. Georgiades, J.: Some remarks on the security of the identification scheme based on permuted kernels. J. Cryptol. 5(2), 133–137 (1992)

  12. Beullens, W.: On sigma protocols with helper for MQ and PKP, fishy signature schemes and more. IACR Cryptology ePrint Archive 2019 (2019). https://eprint.iacr.org/2019/490

  13. Don, J., Fehr, S., Majenz, C., Schaffner, C.: Security of the Fiat-Shamir transformation in the quantum random-oracle model. Cryptology ePrint Archive, Report 2019/190 (2019). https://eprint.iacr.org/2019/190

  14. Haitner, I., Nguyen, M.H., Ong, S.J., Reingold, O., Vadhan, S.: Statistically hiding commitments and statistical zero-knowledge arguments from any one-way function. SIAM J. Comput. 39(3), 1153–1218

  15. Jaulmes, É., Joux, A.: Cryptanalysis of PKP: a new approach. In: Kim, K. (ed.) PKC 2001. LNCS, vol. 1992, pp. 165–172. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-44586-2_12

  16. Kales, D., Zaverucha, G.: Forgery attacks against MQDSSv2.0. Note posted on the NIST PQC forum. https://groups.google.com/a/list.nist.gov/forum/?utm_medium=email&utm_source=footer#!msg/pqc-forum/LlHhfwg73eQ/omM6TWwlEwAJ

  17. Koussa, E., Macario-Rat, G., Patarin, J.: On the complexity of the Permuted Kernel Problem. IACR Cryptology ePrint Archive 2019:412 (2019)

  18. Poupard, G.: A realistic security analysis of identification schemes based on combinatorial problems. Eur. Trans. Telecommun. 8(5), 471–480 (1997)

  19. Lampe, R., Patarin, J.: Analysis of some natural variants of the PKP algorithm. IACR Cryptology ePrint Archive 2011:686 (2011)

  20. NIST categories: Security strength categories. https://csrc.nist.gov/CSRC/media/Projects/Post-Quantum-Cryptography/documents/call-for-proposals-final-dec-2016.pdf

  21. Patarin, J., Chauvaud, P.: Improved algorithms for the permuted kernel problem. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 391–402. Springer, Heidelberg (1994). https://doi.org/10.1007/3-540-48329-2_33

  22. Sakumoto, K., Shirai, T., Hiwatari, H.: Public-key identification schemes based on multivariate quadratic polynomials. In: Rogaway, P. (ed.) CRYPTO 2011. LNCS, vol. 6841, pp. 706–723. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-22792-9_40

  23. Shamir, A.: An efficient identification scheme based on permuted kernels (extended abstract). In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 606–609. Springer, New York (1990). https://doi.org/10.1007/0-387-34805-0_54

  24. Chen, M.-S., Hülsing, A., Rijneveld, J., Samardjiska, S., Schwabe, P.: From 5-pass MQ-based identification to MQ-based signatures. In: Cheon, J.H., Takagi, T. (eds.) ASIACRYPT 2016. LNCS, vol. 10032, pp. 135–165. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-53890-6_5

  25. Kiltz, E., Lyubashevsky, V., Schaffner, C.: A new identification scheme based on syndrome decoding. In: Annual International Conference on the Theory and Applications of Cryptographic Techniques, pp. 552–586. Springer, Cham (2018)

  26. Unruh, D.: Post-quantum security of Fiat-Shamir. In: Takagi, T., Peyrin, T. (eds.) ASIACRYPT 2017. LNCS, vol. 10624, pp. 65–95. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-70694-8_3

  27. Unruh, D.: Non-interactive zero-knowledge proofs in the quantum random oracle model. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9057, pp. 755–784. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-46803-6_25

  28. Leurent, G., Nguyen, P.Q.: How risky is the random-oracle model? In: Halevi, S. (ed.) CRYPTO 2009. LNCS, vol. 5677, pp. 445–464. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-03356-8_26

  29. Halevi, S., Krawczyk, H.: Strengthening digital signatures via randomized hashing. In: Dwork, C. (ed.) CRYPTO 2006. LNCS, vol. 4117, pp. 41–59. Springer, Heidelberg (2006). https://doi.org/10.1007/11818175_3
Acknowledgments

This work was supported by the European Commission through the Horizon 2020 research and innovation program under grant agreement H2020-DS-LEIT-2017-780108 FENTEC, by the Flemish Government through FWO SBO project SNIPPET S007619N and by the IF/C1 on Cryptanalysis of post-quantum cryptography and by the French Programme d’Investissement d’Avenir under national project RISQ P141580. Ward Beullens is funded by an FWO fellowship.

Corresponding author

Correspondence to Ward Beullens.

Copyright information

© 2019 Springer Nature Switzerland AG

Cite this paper

Beullens, W., Faugère, J.-C., Koussa, E., Macario-Rat, G., Patarin, J., Perret, L. (2019). PKP-Based Signature Scheme. In: Hao, F., Ruj, S., Sen Gupta, S. (eds.) Progress in Cryptology – INDOCRYPT 2019. INDOCRYPT 2019. Lecture Notes in Computer Science, vol. 11898. Springer, Cham. https://doi.org/10.1007/978-3-030-35423-7_1

  • DOI: https://doi.org/10.1007/978-3-030-35423-7_1

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-35422-0

  • Online ISBN: 978-3-030-35423-7

  • eBook Packages: Computer Science (R0)