1 |
Secure and efficient post-quantum cryptographic digital signature algorithmsMahmoud, Mahmoud Yehia Ahmed 24 August 2021 (has links)
Cryptographic digital signatures provide authentication to communicating parties over
communication networks. They are integral asymmetric primitives in cryptography. The
current digital signature infrastructure adopts schemes that rely on the hardness of finding
discrete logarithms and factoring in finite groups. Given the recent advances in physics
which point towards the eventual construction of large scale quantum computers, these
hard problems will be solved in polynomial time using Shor’s algorithm. Hence, there is a
clear need to migrate the cryptographic infrastructure to post-quantum secure alternatives.
Such an initiative is demonstrated by the PQCRYPTO project and the current Post-Quantum Cryptography (PQC) standardization competition run by the National Institute of Standards and Technology (NIST).
This dissertation considers hash-based digital signature schemes. Such algorithms rely
on simple security notions such as preimage, and weak and strong collision resistances
of hash functions. These notions are well-understood and their security against quantum
computers has been well-analyzed. However, existing hash-based signature schemes have large signature sizes and high computational costs. Moreover, the signature size increases with the number of messages to be signed by a key pair.
The goal of this work is to develop hash-based digital signature schemes to overcome the aforementioned limitations. First, FORS, the underlying few-time signature scheme of the NIST PQC alternate candidate SPHINCS+ is analyzed against adaptive chosen message attacks, and DFORS, a few-time signature scheme with adaptive chosen message security, is proposed. Second, a new variant of SPHINCS+ is introduced that improves the computational cost and security level. Security analysis for the new variant is presented. In addition, the hash-based group digital signature schemes, Group Merkle (GM) and Dynamic Group Merkle (DGM), are studied and their security is analyzed. Group Merkle Multi-Treem (GMMT) is proposed to solve some of the limitations of the GM and DGM hash-based group signature schemes. / Graduate
|
Page generated in 0.077 seconds