An Efficient Signature Scheme From Supersingular Elliptic Curve Isogenies

Since supersingular elliptic curve isogenies are one of several candidate sources of hardness for building post-quantum cryptographic primitives, research into efficient signature schemes based on them remains an active topic. In this paper, we present a many-time signature scheme based on the hash function from supersingular elliptic curve isogenies over the finite field $\mathbb{F}_{p^{2}}$, where $p = 2^{521} - 1$. Our signature scheme achieves smaller signature sizes than other post-quantum signature schemes based on supersingular elliptic curve isogenies, such as Galbraith's signature schemes (AsiaCrypt 2017) and Yoo's scheme (FC 2017). The structure of our scheme follows, with some modifications, that of the hash-based signature scheme submitted to the National Institute of Standards and Technology for post-quantum cryptography in 2018. To complete the construction, we first apply the method of Weil restriction to improve the efficiency of the hash function from supersingular elliptic curve isogenies by approximately 30%, then propose a new Winternitz one-time signature scheme based on this hash function. Finally, we implement the signature scheme.
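The abstract builds its many-time scheme on a Winternitz one-time signature (WOTS) over an isogeny-based hash. The following is an added example, not code from the paper, showing the WOTS layer the abstract describes: key generation, signing and verification as hash chains plus the checksum that makes the scheme unforgeable without inverting the hash. Everything below the hash interface is an assumption: SHA-256 stands in for the paper's isogeny hash over $\mathbb{F}_{p^2}$, and the parameters (w = 16, 32-byte digest) are chosen for illustration since the abstract does not state the paper's own. The chains are plain iterated hashing (the original Winternitz construction), not the masked WOTS+ chains of the NIST hash-based submissions.

```python
import hashlib
import math
import os
from typing import List, Optional

# Winternitz parameters. Assumption: the abstract does not state the paper's
# parameters; w = 16 (4 bits per chain) and a 32-byte digest are chosen here
# purely for illustration.
W = 16
LOG_W = 4
N = 32                              # digest length in bytes
LEN1 = (8 * N) // LOG_W             # 64 base-w digits cover the message digest
# The checksum is at most LEN1*(W-1) = 960, which needs 3 base-16 digits.
LEN2 = math.floor(math.log2(LEN1 * (W - 1)) / LOG_W) + 1
LEN = LEN1 + LEN2                   # 67 hash chains in total


def H(data: bytes) -> bytes:
    """Stand-in for the isogeny-based hash over F_{p^2} (assumption: SHA-256).

    Only the interface matters to the signature layer: a preimage- and
    collision-resistant map from bytes to N bytes.
    """
    return hashlib.sha256(data).digest()


def chain(x: bytes, steps: int) -> bytes:
    """Apply H `steps` times (plain Winternitz chain, no address or bitmask)."""
    for _ in range(steps):
        x = H(x)
    return x


def base_w(data: bytes, out_len: int) -> List[int]:
    """Split `data` into 4-bit digits (w = 16), keeping the first out_len."""
    digits = []
    for b in data:
        digits.append(b >> 4)
        digits.append(b & 0xF)
    return digits[:out_len]


def checksum(digits: List[int]) -> List[int]:
    """Checksum digits: sum of (w-1 - m_i), written big-endian in base w.

    Advancing any message chain lowers the checksum, so a forger would also
    have to move a checksum chain backwards, i.e. invert H.
    """
    csum = sum((W - 1) - d for d in digits)
    out = []
    for _ in range(LEN2):
        out.append(csum & (W - 1))
        csum >>= LOG_W
    return out[::-1]


def digits_for(msg: bytes) -> List[int]:
    """The LEN chain positions that encode a message."""
    m = base_w(H(msg), LEN1)
    return m + checksum(m)


def keygen(seed: Optional[bytes] = None):
    """Secret key: LEN chain starts derived from a seed; public key: chain ends."""
    if seed is None:
        seed = os.urandom(N)
    sk = [H(seed + i.to_bytes(2, "big")) for i in range(LEN)]
    pk = [chain(s, W - 1) for s in sk]
    return sk, pk


def sign(sk: List[bytes], msg: bytes) -> List[bytes]:
    """Reveal each chain advanced by its digit. One-time: never reuse sk."""
    return [chain(s, d) for s, d in zip(sk, digits_for(msg))]


def verify(pk: List[bytes], msg: bytes, sig: List[bytes]) -> bool:
    """Finish every chain from the signature value and compare with pk."""
    if len(sig) != LEN:
        return False
    return all(chain(s, (W - 1) - d) == p
               for s, d, p in zip(sig, digits_for(msg), pk))


def signature_size_bytes() -> int:
    """LEN hash outputs of N bytes each: 67 * 32 = 2144 bytes here."""
    return LEN * N


if __name__ == "__main__":
    sk, pk = keygen()
    msg = b"constructed sample message"   # constructed input
    sig = sign(sk, msg)
    print("valid:", verify(pk, msg, sig))
    print("signature bytes:", signature_size_bytes())
```

The signature size is LEN hash outputs, so it scales directly with the hash's output length and with the choice of w; this is why the abstract's effort goes into the hash function (Weil restriction for speed) and into the Winternitz layer built on it. Reusing a WOTS key for two messages leaks intermediate chain values, which is why the many-time scheme in the paper must wrap the one-time keys in a larger structure.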

[1] Dominique Unruh et al., Non-Interactive Zero-Knowledge Proofs in the Quantum Random Oracle Model, EUROCRYPT, 2015.

[2] Craig Costello, Computing supersingular isogenies on Kummer surfaces, IACR Cryptol. ePrint Arch., 2018.

[3] David Jao et al., Towards quantum-resistant cryptosystems from supersingular elliptic curve isogenies, J. Math. Cryptol., 2011.

[4] Frederik Vercauteren et al., CSI-FiSh: Efficient Isogeny based Signatures through Class Group Computations, IACR Cryptol. ePrint Arch., 2019.

[5] Thorsten Kleinjung, Quadratic sieving, Math. Comput., 2016.

[6] David Jao et al., A Quantum Algorithm for Computing Isogenies between Supersingular Elliptic Curves, INDOCRYPT, 2014.

[7] Frederik Vercauteren et al., Faster SeaSign signatures through improved rejection sampling, IACR Cryptol. ePrint Arch., 2018.

[8] Florian Mendel et al., Haraka v2 - Efficient Short-Input Hashing for Post-Quantum Applications, IACR Trans. Symmetric Cryptol., 2017.

[9] Kristin E. Lauter et al., Cryptographic Hash Functions from Expander Graphs, Journal of Cryptology, 2008.

[10] W. Waterhouse et al., Abelian varieties over finite fields, 1969.

[11] David Jao et al., Isogeny-Based Quantum-Resistant Undeniable Signatures, PQCrypto, 2014.

[12] Dominique Unruh et al., Post-quantum Security of Fiat-Shamir, ASIACRYPT, 2017.

[13] Joseph H. Silverman et al., The arithmetic of elliptic curves, Graduate Texts in Mathematics, 1986.

[14] Kristin E. Lauter et al., Supersingular Isogeny Graphs and Endomorphism Rings: Reductions and Solutions, EUROCRYPT, 2018.

[15] Silvio Micali et al., A Digital Signature Scheme Secure Against Adaptive Chosen-Message Attacks, SIAM J. Comput., 1988.

[16] Steven D. Galbraith et al., SeaSign: Compact isogeny signatures from class group actions, IACR Cryptol. ePrint Arch., 2019.

[17] Tanja Lange et al., CSIDH: An Efficient Post-Quantum Commutative Group Action, IACR Cryptol. ePrint Arch., 2018.

[18] Haibo Tian et al., Toward quantum-resistant strong designated verifier signature, Int. J. Grid Util. Comput., 2014.

[19] Craig Costello et al., Jacobian Coordinates on Genus 2 Curves, ASIACRYPT, 2014.

[20] N. Linial et al., Expander Graphs and their Applications, 2006.

[21] Chris Peikert et al., He Gives C-Sieves on the CSIDH, IACR Cryptol. ePrint Arch., 2020.

[22] Ivan Damgård et al., A Design Principle for Hash Functions, CRYPTO, 1989.

[23] Paulo S. L. M. Barreto et al., Faster Cryptographic Hash Function From Supersingular Isogeny Graphs, IACR Cryptol. ePrint Arch., 2017.

[24] Steven D. Galbraith et al., Identification Protocols and Signature Schemes Based on Supersingular Isogeny Problems, Journal of Cryptology, 2019.

[25] Tal Malkin et al., Efficient Generic Forward-Secure Signatures with an Unbounded Number of Time Periods, EUROCRYPT, 2002.

[26] Reza Azarderakhsh et al., A Post-quantum Digital Signature Scheme Based on Supersingular Isogenies, Financial Cryptography, 2017.

[27] Johannes A. Buchmann et al., On the Security of the Winternitz One-Time Signature Scheme, AFRICACRYPT, 2011.

[28] Peter Schwabe et al., μKummer: Efficient Hyperelliptic Signatures and Key Exchange on Microcontrollers, CHES, 2016.

[29] Benjamin Smith et al., Fast, Uniform Scalar Multiplication for Genus 2 Jacobians with Fast Kummers, SAC, 2016.

[30] Yehuda Lindell et al., Introduction to Modern Cryptography, 2004.

[31] Frederik Vercauteren et al., Computational problems in supersingular elliptic curve isogenies, IACR Cryptol. ePrint Arch., 2017.