TY - GEN
T1 - Secure Stern Signatures in Quantum Random Oracle Model
AU - Feng, Hanwen
AU - Liu, Jianwei
AU - Wu, Qianhong
N1 - Publisher Copyright:
© 2019, Springer Nature Switzerland AG.
PY - 2019
Y1 - 2019
N2 - The Stern signatures are a class of lattice-based signatures constructed from Stern protocols, a special class of sigma protocols, admitting diverse functionalities with good asymptotic efficiency. However, the post-quantum security of existing Stern signatures is unclear, since they are built via the Fiat-Shamir transformation, which has not been proved to be secure in the quantum random oracle model (QROM). The goal of this paper is to find an alternative transformation for constructing post-quantum secure Stern signatures. The Unruh transformation (Eurocrypt 2015) is an alternative that can build secure signatures in QROM from post-quantum secure sigma protocols. Unfortunately, its proof relies on the 2-special soundness of the underlying sigma protocol, while Stern protocols are 3-special sound. We fill this gap by providing an extended proof for the Unruh transformation. Specifically, we prove that it is still secure in the QROM even if the underlying sigma protocols are k-special sound, where $k>2$ could be an arbitrary integer. Observing that Stern protocols are post-quantum secure sigma protocols with 3-special soundness, our proof implies a generic method to obtain secure Stern signatures in the QROM.
AB - The Stern signatures are a class of lattice-based signatures constructed from Stern protocols, a special class of sigma protocols, admitting diverse functionalities with good asymptotic efficiency. However, the post-quantum security of existing Stern signatures is unclear, since they are built via the Fiat-Shamir transformation, which has not been proved to be secure in the quantum random oracle model (QROM). The goal of this paper is to find an alternative transformation for constructing post-quantum secure Stern signatures. The Unruh transformation (Eurocrypt 2015) is an alternative that can build secure signatures in QROM from post-quantum secure sigma protocols. Unfortunately, its proof relies on the 2-special soundness of the underlying sigma protocol, while Stern protocols are 3-special sound. We fill this gap by providing an extended proof for the Unruh transformation. Specifically, we prove that it is still secure in the QROM even if the underlying sigma protocols are k-special sound, where $k>2$ could be an arbitrary integer. Observing that Stern protocols are post-quantum secure sigma protocols with 3-special soundness, our proof implies a generic method to obtain secure Stern signatures in the QROM.
KW - Lattice-based cryptography
KW - Quantum random oracles
KW - Signatures
UR - https://www.scopus.com/pages/publications/85072868659
U2 - 10.1007/978-3-030-30215-3_21
DO - 10.1007/978-3-030-30215-3_21
M3 - Conference contribution
AN - SCOPUS:85072868659
SN - 9783030302146
T3 - Lecture Notes in Computer Science
SP - 425
EP - 444
BT - Information Security - 22nd International Conference, ISC 2019, Proceedings
A2 - Lin, Zhiqiang
A2 - Papamanthou, Charalampos
A2 - Polychronakis, Michalis
PB - Springer Verlag
T2 - 22nd International Conference on Information Security, ISC 2019
Y2 - 16 September 2019 through 18 September 2019
ER -