A Note on the Post-Quantum Security of (Ring) Signatures

12/11/2021
by Rohit Chatterjee, et al.

This work revisits the security of classical signatures and ring signatures in a quantum world. For (ordinary) signatures, we focus on the arguably preferable security notion of blind-unforgeability recently proposed by Alagic et al. (Eurocrypt'20). We present two short signature schemes achieving this notion: one is in the quantum random oracle model, assuming quantum hardness of SIS; the other is in the plain model, assuming quantum hardness of LWE with super-polynomial modulus. Prior to this work, the only known blind-unforgeable schemes are Lamport's one-time signature and the Winternitz one-time signature, and both of them are in the quantum random oracle model. For ring signatures, the recent work by Chatterjee et al. (Crypto'21) proposes a definition that tries to capture adversaries with quantum access to the signer. However, it is unclear if their definition, when restricted to the classical world, is as strong as the standard security notion for ring signatures. They also present a construction that only partially achieves (even) this seemingly weak definition, in the sense that the adversary can only conduct superposition attacks over the messages, but not the rings. We propose a new definition that does not suffer from the above issue. Our definition is an analog of blind-unforgeability in the ring signature setting. Moreover, assuming the quantum hardness of LWE, we construct a compiler that converts any blind-unforgeable (ordinary) signature into a ring signature satisfying our definition.

