Abstract
Quantum computing challenges the computational hardness assumptions anchoring the security of public-key ciphers, such as prime factorization and the discrete logarithm problem. To prepare for the quantum era and withstand attacks equipped with quantum computing, the security and cryptography communities are designing new quantum-resistant public-key ciphers. The National Institute of Standards and Technology (NIST) is collecting and standardizing post-quantum ciphers, as it previously did in establishing DES and AES as symmetric cipher standards. The NIST finalist algorithms for public-key signatures are Dilithium, Falcon, and Rainbow. Finding common ground to compare these algorithms can be difficult because of their differing designs, their underlying computational hardness assumptions (lattice based vs. multivariate based), and the different metrics used for security strength analyses in previous research (qubits vs. quantum gates). We overcome such challenges and compare the security and performance of the finalist post-quantum signature ciphers Dilithium, Falcon, and Rainbow. For the security comparison, we advance the prior literature by using the depth-width cost for quantum circuits (DW cost) to measure security strength and by analyzing security in both the Universal Quantum Gate Model and Quantum Annealing. For the performance analyses, we compare the algorithms' computational loads in execution time as well as their communication costs and implementation overheads when integrated with Transport Layer Security (TLS) and Transmission Control Protocol (TCP)/Internet Protocol (IP). Our work presents a security comparison, a performance analysis, and a trade-off analysis to inform post-quantum cipher design and standardization for protecting computing and networking in the post-quantum era.
Notes
1. Our work has been shared with NIST.
2. In addition to DW metrics, Jaques and Schanck [34] introduce G cost metrics for self-correcting quantum memory. However, self-correcting quantum memory is not available even theoretically. The two-dimensional toric code [37] is not thermally stable [6]. Although it is thermally stable in the non-physical case of four spatial dimensions [7], whether it can be implemented in the three spatial dimensions we live in remains an open question. Therefore, for our purposes, we use the conservative DW cost metrics.
3. If they are comparable, a one-time pad can be an option for information-theoretic security that resists (quantum-)computationally capable adversaries.
References
1. ETSI Standards. https://www.etsi.org. Accessed 1 Sept 2020
2. Wireshark tool. https://www.wireshark.org. Accessed 1 Sept 2020
3. Workshops and timeline. https://csrc.nist.gov/projects/post-quantum-cryptography/workshops-and-timeline. Accessed 1 Sept 2020
4. Alagic, G., et al.: Status report on the first round of the NIST post-quantum cryptography standardization process. US Department of Commerce, National Institute of Standards and Technology (2019)
5. Alagic, G., et al.: Status report on the second round of the NIST post-quantum cryptography standardization process. NIST, Technical report, July 2020
6. Alicki, R., Fannes, M., Horodecki, M.: On thermalization in Kitaev's 2D model. J. Phys. A: Math. Theor. 42(6), 065303 (2009)
7. Alicki, R., Horodecki, M., Horodecki, P., Horodecki, R.: On thermal stability of topological qubit in Kitaev's 4D model. Open Syst. Inf. Dyn. 17(01), 1–20 (2010)
8. Alkim, E., Ducas, L., Pöppelmann, T., Schwabe, P.: Post-quantum key exchange: a new hope. In: 25th USENIX Security Symposium (USENIX Security 16), pp. 327–343 (2016)
9. Alsina, D., Latorre, J.I.: Experimental test of Mermin inequalities on a five-qubit quantum computer. Phys. Rev. A 94(1), 012314 (2016)
10. Amin, M.H.: Consistency of the adiabatic theorem. Phys. Rev. Lett. 102(22), 220401 (2009)
11. Basu, K., Soni, D., Nabeel, M., Karri, R.: NIST post-quantum cryptography: a hardware evaluation study. IACR Cryptology ePrint Archive, Report 2019/047 (2019)
12. Bernstein, D.J.: Visualizing size-security tradeoffs for lattice-based encryption. IACR Cryptology ePrint Archive, Report 2019/655 (2019)
13. Brassard, G., Høyer, P., Tapp, A.: Quantum cryptanalysis of hash and claw-free functions. ACM SIGACT News 28(2), 14–19 (1997)
14. Caelli, W.J., Dawson, E.P., Rea, S.A.: PKI, elliptic curve cryptography, and digital signatures. Comput. Secur. 18(1), 47–66 (1999)
15. Casanova, A., Faugère, J.C., Macario-Rat, G., Patarin, J., Perret, L., Ryckeghem, J.: GeMSS: a great multivariate short signature. Submission to NIST (2017)
16. Castelvecchi, D.: IBM's quantum cloud computer goes commercial. Nat. News 543(7644), 159 (2017)
17. Chen, L., et al.: Report on post-quantum cryptography, vol. 12. US Department of Commerce, National Institute of Standards and Technology (2016)
18. Cheung, D., Høyer, P., Wiebe, N.: Improved error bounds for the adiabatic approximation. J. Phys. A: Math. Theor. 44(41), 415302 (2011)
19. Chuang, I.L., Gershenfeld, N., Kubinec, M.: Experimental implementation of fast quantum searching. Phys. Rev. Lett. 80(15), 3408 (1998)
20. Dachman-Soled, D., Ducas, L., Gong, H., Rossi, M.: LWE with side information: attacks and concrete security estimation. IACR Cryptology ePrint Archive, Report 2020/292 (2020)
21. Deutsch, D.E.: Quantum computational networks. Proc. R. Soc. Lond. A Math. Phys. Sci. 425(1868), 73–90 (1989)
22. Ding, J., Schmidt, D.: Rainbow, a new multivariable polynomial signature scheme. In: Ioannidis, J., Keromytis, A., Yung, M. (eds.) ACNS 2005. LNCS, vol. 3531, pp. 164–175. Springer, Heidelberg (2005). https://doi.org/10.1007/11496137_12
23. Ducas, L., et al.: CRYSTALS-Dilithium: a lattice-based digital signature scheme. IACR Trans. Cryptogr. Hardw. Embed. Syst. 2018(1), 238–268 (2018)
24. Duong, D.H., Tran, H.T.N., et al.: Choosing subfields for LUOV and lifting fields for Rainbow. IET Inf. Secur. 14(2), 196–201 (2020)
25. Dürr, C., Høyer, P.: A quantum algorithm for finding the minimum. arXiv preprint quant-ph/9607014 (1996)
26. Finnila, A.B., Gomez, M., Sebenik, C., Stenson, C., Doll, J.D.: Quantum annealing: a new method for minimizing multidimensional functions. Chem. Phys. Lett. 219(5–6), 343–348 (1994)
27. NIST: FIPS PUB 186-4: Digital Signature Standard (DSS). Federal Information Processing Standards Publication, Information Technology Laboratory, National Institute of Standards and Technology, Gaithersburg, MD (2013)
28. Fouque, P.A., et al.: Falcon: fast-Fourier lattice-based compact signatures over NTRU. Submission to the NIST post-quantum cryptography standardization process (2018)
29. Gao, Y.L., Chen, X.B., Chen, Y.L., Sun, Y., Niu, X.X., Yang, Y.X.: A secure cryptocurrency scheme based on post-quantum blockchain. IEEE Access 6, 27205–27213 (2018)
30. Gottesman, D.: Theory of fault-tolerant quantum computation. Phys. Rev. A 57(1), 127 (1998)
31. Grover, L.K.: A fast quantum mechanical algorithm for database search. In: Proceedings of the Twenty-Eighth Annual ACM Symposium on Theory of Computing, pp. 212–219 (1996)
32. Hauke, P., Katzgraber, H.G., Lechner, W., Nishimori, H., Oliver, W.D.: Perspectives of quantum annealing: methods and implementations. Rep. Prog. Phys. 83(5), 054401 (2020)
33. Jacobson, V., Leres, C., McCanne, S.: TCPDUMP public repository (2003). http://www.tcpdump.org
34. Jaques, S., Schanck, J.M.: Quantum cryptanalysis in the RAM model: claw-finding attacks on SIKE. In: Boldyreva, A., Micciancio, D. (eds.) CRYPTO 2019. LNCS, vol. 11692, pp. 32–61. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-26948-7_2
35. Kelly, J.: A preview of Bristlecone, Google's new quantum processor. Google Research Blog 5 (2018)
36. Kipnis, A., Patarin, J., Goubin, L.: Unbalanced oil and vinegar signature schemes. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 206–222. Springer, Heidelberg (1999). https://doi.org/10.1007/3-540-48910-X_15
37. Kitaev, A.Y.: Fault-tolerant quantum computation by anyons. Ann. Phys. 303(1), 2–30 (2003)
38. Messiah, A.: Quantum Mechanics. Translated from the French by J. Potter. North-Holland (1962)
39. Moses, T.: Quantum computing and cryptography. Entrust Inc., January 2009
40. Nejatollahi, H., Dutt, N., Ray, S., Regazzoni, F., Banerjee, I., Cammarota, R.: Post-quantum lattice-based cryptography implementations: a survey. ACM Comput. Surv. (CSUR) 51(6), 1–41 (2019)
41. Ravi, P., Jhanwar, M.P., Howe, J., Chattopadhyay, A., Bhasin, S.: Exploiting determinism in lattice-based signatures: practical fault attacks on pqm4 implementations of NIST candidates. In: Proceedings of the 2019 ACM Asia Conference on Computer and Communications Security, pp. 427–440 (2019)
42. Regev, O.: Lattice-based cryptography. In: Dwork, C. (ed.) CRYPTO 2006. LNCS, vol. 4117, pp. 131–141. Springer, Heidelberg (2006). https://doi.org/10.1007/11818175_8
43. Rezakhani, A., Kuo, W.J., Hamma, A., Lidar, D., Zanardi, P.: Quantum adiabatic brachistochrone. Phys. Rev. Lett. 103(8), 080502 (2009)
44. Rivest, R.L., Shamir, A., Adleman, L.: A method for obtaining digital signatures and public-key cryptosystems. Commun. ACM 21(2), 120–126 (1978)
45. Shor, P.W.: Polynomial-time algorithms for prime factorization and discrete logarithms on a quantum computer. SIAM Rev. 41(2), 303–332 (1999)
46. Sikeridis, D., Kampanakis, P., Devetsikiotis, M.: Post-quantum authentication in TLS 1.3: a performance study. IACR Cryptology ePrint Archive, Report 2020/071 (2020)
47. Stebila, D., Mosca, M.: Post-quantum key exchange for the internet and the Open Quantum Safe project. In: Avanzi, R., Heys, H. (eds.) SAC 2016. LNCS, vol. 10532, pp. 14–37. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-69453-5_2
48. Vandersypen, L.M., Steffen, M., Breyta, G., Yannoni, C.S., Sherwood, M.H., Chuang, I.L.: Experimental realization of Shor's quantum factoring algorithm using nuclear magnetic resonance. Nature 414(6866), 883–887 (2001)
49. Wheatley, M.: D-Wave debuts new 5,000-qubit quantum computer, September 2019. https://siliconangle.com/2019/09/24/d-wave-debuts-new-5000-qubit-quantum-computer
Acknowledgment
This material is based upon work supported by the National Science Foundation under Grant No. 1922410. This research is also supported in part by Colorado State Bill 18-086.
© 2021 Springer Nature Switzerland AG
Raavi, M., Wuthier, S., Chandramouli, P., Balytskyi, Y., Zhou, X., Chang, S.Y. (2021). Security Comparisons and Performance Analyses of Post-quantum Signature Algorithms. In: Sako, K., Tippenhauer, N.O. (eds.) Applied Cryptography and Network Security. ACNS 2021. Lecture Notes in Computer Science, vol. 12727. Springer, Cham. https://doi.org/10.1007/978-3-030-78375-4_17
DOI: https://doi.org/10.1007/978-3-030-78375-4_17
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-78374-7
Online ISBN: 978-3-030-78375-4
eBook Packages: Computer Science (R0)