
Post-quantum cryptography: lattice signatures


Abstract

This survey provides a comparative overview of lattice-based signature schemes with respect to security and performance. Furthermore, we explicitly show how to construct a competitive and provably secure Merkle tree signature scheme solely based on worst-case lattice problems.




Corresponding author

Correspondence to Richard Lindner.


Cite this article

Buchmann, J., Lindner, R., Rückert, M. et al. Post-quantum cryptography: lattice signatures. Computing 85, 105–125 (2009). https://doi.org/10.1007/s00607-009-0042-y
