Table of contents

  • This session has been presented April 26, 2019.

Description

  • Speaker

    André Chailloux - INRIA

Applying the Fiat-Shamir transform on identification schemes is one of the main ways of constructing signature schemes. While the classical security of this transformation is well understood, there are still many cases for which we do not know whether the quantum security holds or not. In this paper, we show that if we start from a commit-and-open identification scheme, where the prover first commits to several strings and then as a second message opens a subset of them depending on the verifier's message, then the Fiat-Shamir transform is quantum secure, for a suitable choice of commitment scheme. We use our results to prove the security of a multivariate signature scheme closely related to the post-quantum signature MQDSS submitted at the NIST competition.<br/> lien: http://desktop.visio.renater.fr/scopia?ID=722799***1643&autojoin

Next sessions

  • Polytopes in the Fiat-Shamir with Aborts Paradigm

    • November 29, 2024 (13:45 - 14:45)

    • IRMAR - Université de Rennes - Campus Beaulieu Bat. 22, RDC, Rennes - Amphi Lebesgue

    Speaker : Hugo Beguinet - ENS Paris / Thales

    The Fiat-Shamir with Aborts paradigm (FSwA) uses rejection sampling to remove a secret’s dependency on a given source distribution.&nbsp; Recent results revealed that unlike the uniform distribution in the hypercube, both the continuous Gaussian and the uniform distribution within the hypersphere minimise the rejection rate and the size of the proof of knowledge. However, in practice both these[…]

    • Cryptography

    • Asymmetric primitive

    • Mode and protocol

  • Post-quantum Group-based Cryptography

    • December 20, 2024 (13:45 - 14:45)

    • IRMAR - Université de Rennes - Campus Beaulieu Bat. 22, RDC, Rennes - Amphi Lebesgue

    Speaker : Delaram Kahrobaei - The City University of New York

Show previous sessions
Page top