Description
We present HAETAE (Hyperball bimodAl modulE rejecTion signAture schemE), a new lattice-based signature scheme, which we submitted to the Korean Post-Quantum Cryptography Competition for standardization. Like the NIST-selected Dilithium signature scheme, HAETAE is based on the Fiat-Shamir with Aborts paradigm, but our design choices target an improved complexity/compactness compromise that is highly relevant for many space-limited application scenarios. We primarily focus on reducing signature and verification key sizes so that signatures fit into one TCP or UDP datagram while preserving a high level of security against a variety of attacks. As a result, our scheme has signature and verification key sizes up to 40% and 25% smaller, respectively, compared than Dilithium.
Prochains exposés
-
Efficient zero-knowledge proofs and arguments in the CL framework
Orateur : Agathe Beaugrand - Institut de Mathématiques de Bordeaux
The CL encryption scheme, proposed in 2015 by Castagnos and Laguillaumie, is a linearly homomorphic encryption scheme, based on class groups of imaginary quadratic fields. The specificity of these groups is that their order is hard to compute, which means it can be considered unknown. This particularity, while being key in the security of the scheme, brings technical challenges in working with CL,[…]