Post-Quantum Signatures

Digital signatures have become a key technology for securing the Internet and other IT infrastructures. But in 1994 Peter Shor showed that quantum computers can break all digital signature schemes in use today, and in 2001 Chuang and his coworkers implemented Shor's algorithm for the first time on a 7-qubit NMR quantum computer. This paper studies the question: which digital signature algorithms remain secure in the age of quantum computers?
