Sommaire

  • Cet exposé a été présenté le 26 avril 2019.

Description

  • Orateur

    André Chailloux - INRIA

Applying the Fiat-Shamir transform on identification schemes is one of the main ways of constructing signature schemes. While the classical security of this transformation is well understood, there are still many cases for which we do not know whether the quantum security holds or not. In this paper, we show that if we start from a commit-and-open identification scheme, where the prover first commits to several strings and then as a second message opens a subset of them depending on the verifier's message, then the Fiat-Shamir transform is quantum secure, for a suitable choice of commitment scheme. We use our results to prove the security of a multivariate signature scheme closely related to the post-quantum signature MQDSS submitted at the NIST competition.<br/> lien: http://desktop.visio.renater.fr/scopia?ID=722799***1643&autojoin

Prochains exposés

  • Oblivious Transfer from Zero-Knowledge Proofs (or how to achieve round-optimal quantum Oblivious Transfer without structure)

    • 06 juin 2025 (13:45 - 14:45)

    • IRMAR - Université de Rennes - Campus Beaulieu Bat. 22, RDC, Rennes - Amphi Lebesgue

    Orateur : Léo Colisson - Université Grenoble Alpes

    We provide a generic construction to turn any classical Zero-Knowledge (ZK) protocol into a composable oblivious transfer (OT) protocol (the protocol itself involving quantum interactions), mostly lifting the round-complexity properties and security guarantees (plain-model/statistical security/unstructured functions…) of the ZK protocol to the resulting OT protocol. Such a construction is unlikely[…]
    • Cryptography

Voir les exposés passés