Corpus ID: 119083637

Combinatorial Digital Signature Scheme

Authors: Eliane Koussa, Jean-Charles Faugère, Gilles Macario-Rat, Jacques Patarin, Ludovic Perret
We present here a new signature scheme based on a combinatorial problem named the Permuted Kernel Problem (PKP) [Sha89]. PKP is an NP-complete [GJ79] algebraic problem that consists of simple mathematical operations and involves only basic linear algebra. To solve PKP is to find a particular kernel vector for a publicly known matrix. Through the complexity analysis of solving PKP, we found the opposite of what is presented in [JJ01]. Precisely, we noticed that the most efficient algorithm for… 


Analysis of Some Natural Variants of the PKP Algorithm
It is shown in this paper that it is possible to improve this scheme significantly by combining new ideas in order to reduce the total number of computations to be performed and to improve very efficiently the security against side channel attacks using precomputations.
Post-Quantum Zero-Knowledge and Signatures from Symmetric-Key Primitives
We propose a new class of post-quantum digital signature schemes that: (a) derive their security entirely from the security of symmetric-key primitives, believed to be quantum-secure, and (b) have
Improved Algorithms for the Permuted Kernel Problem
This paper shows that it is possible to solve the PKP problem using less time than that which was needed in [1] and [2], and much less memory than that needed in [-1]; the new algorithms are quicker and more practical than previous algorithms.
Cryptanalysis of PKP: A New Approach
In practice, it is found that attacking PKP for the original size proposed by Shamir in [6] could be done on a single PC in 125 years.
On the Security of the Permuted Kernel Identification Scheme
This paper presents a time-memory trade-off leading to a reduction of the computation time for solving the PKP problem, as compared with the best known attack.
On the Length of Cryptographic Hash-Values Used in Identification Schemes
This paper shows that 64-bit hash-values, a length often suggested, definitely decrease the level of the security of all these schemes, and proves that collision-resistance is a sufficient condition to achieve the claimed level of security.
How to Prove Yourself: Practical Solutions to Identification and Signature Problems
Simple identification and signature schemes which enable any user to prove his identity and the authenticity of his messages to any other user without shared or public keys are described.
Post-quantum Security of Fiat-Shamir
The Fiat-Shamir construction is an efficient transformation in the random oracle model for creating non-interactive proof systems and signatures from sigma-protocols, but Ambainis, Rosmanis, and Unruh ruled out non-relativizing proofs under those conditions in the quantum setting.
"Chinese & Match", an alternative to Atkin's "Match and Sort" method used in the SEA algorithm
This work proposes to take advantage of the fact that the partial information modulo Atkin's primes is redundant, in order to eliminate the usual elliptic curve algebra in this phase of the SEA computation, resulting in an algorithm of similar complexity but requiring less space than Atkin's method.
Strengths and Weaknesses of Quantum Computing
It is proved that relative to an oracle chosen uniformly at random with probability 1 the class $\NP$ cannot be solved on a quantum Turing machine (QTM) in time $o(2^{n/2})$.