TY - GEN
T1 - Antrag
T2 - 29th Annual International Conference on the Theory and Application of Cryptology and Information Security, ASIACRYPT 2023
AU - Espitau, Thomas
AU - Nguyen, Thi Thu Quyen
AU - Sun, Chao
AU - Tibouchi, Mehdi
AU - Wallet, Alexandre
N1 - Publisher Copyright:
© 2023, International Association for Cryptologic Research.
PY - 2023/1/1
Y1 - 2023/1/1
N2 - In this paper, we introduce a novel trapdoor generation technique for Prest’s hybrid sampler over NTRU lattices. Prest’s sampler is used in particular in the recently proposed Mitaka signature scheme (Eurocrypt 2022), a variant of the Falcon signature scheme, one of the candidates selected by NIST for standardization. Mitaka was introduced to address Falcon’s main drawback, namely the fact that the lattice Gaussian sampler used in its signature generation is highly complex, difficult to implement correctly, to parallelize or protect against side-channels, and to instantiate over rings of dimension not a power of two to reach intermediate security levels. Prest’s sampler is considerably simpler and solves these various issues, but when applying the same trapdoor generation approach as Falcon, the resulting signatures have far lower security in equal dimension. The Mitaka paper showed how certain randomness-recycling techniques could be used to mitigate this security loss, but the resulting scheme is still substantially less secure than Falcon (by around 20 to 50 bits of CoreSVP security depending on the parameters), and has much slower key generation. Our new trapdoor generation technique solves all of those issues satisfactorily: it gives rise to a much simpler and faster key generation algorithm than Mitaka’s (achieving similar speeds to Falcon), and is able to comfortably generate trapdoors reaching the same NIST security levels as Falcon as well. It can also be easily adapted to rings of intermediate dimensions, in order to support the same versatility as Mitaka in terms of parameter selection. All in all, this new technique combines all the advantages of both Falcon and Mitaka (and more) with none of the drawbacks.
KW - Discrete Gaussian sampling
KW - Hash-and-sign lattice-based signatures
KW - NTRU trapdoors
KW - Post-quantum cryptography
UR - https://www.scopus.com/pages/publications/85180637062
U2 - 10.1007/978-981-99-8739-9_1
DO - 10.1007/978-981-99-8739-9_1
M3 - Conference contribution
AN - SCOPUS:85180637062
SN - 9789819987382
T3 - Lecture Notes in Computer Science
SP - 3
EP - 36
BT - Advances in Cryptology – ASIACRYPT 2023 - 29th International Conference on the Theory and Application of Cryptology and Information Security, Proceedings
A2 - Guo, Jian
A2 - Steinfeld, Ron
PB - Springer Science and Business Media Deutschland GmbH
Y2 - 4 December 2023 through 8 December 2023
ER -