An improved Durandal signature scheme  被引量：1

作　　者：Yongcheng SONG Xinyi HUANG Yi MU Wei WU 

机构地区：[1]Fujian Provincial Key Laboratory of Network Security and Cryptology, College of Mathematics and Informatics,Fujian Normal University

出　　处：《Science China(Information Sciences)》2020年第3期130-145,共16页中国科学（信息科学）（英文版）

基　　金：supported by National Natural Science Foundation of China (Grant Nos. 61822202, 61872087, 61841701, 61902070);GuangDong Natural Science Foundation (Grant No. 2019B010137002)

摘　　要：Constructing secure and effective code-based signature schemes has been an open problem. In this paper, we efficiently reduce the key size of the Durandal signature scheme introduced by Aragon et al.(EUROCRYPT 2019). We prove that the improved scheme is EUF-CMA secure by reducing its security to the advanced product spaces subspaces indistinguishability(PSSI+) problem, the decisional rank syndrome decoding(DRSD) problem, and the affine rank syndrome decoding(ARSD) problem under the random oracle model. Furthermore, our signature scheme is more secure than the Durandal scheme because recovering key attacks are equivalent to solving the rank syndrome decoding(RSD) problem, instead of the rank support learning(RSL) problem in the original Durandal scheme. Our signature scheme takes less time to generate a signature owing to the fact that our signature scheme enjoys smaller security parameters in comparison to the Duradual scheme. We compare the new scheme with existing code-based signature schemes and find that our signature scheme has advantages in terms of the public key size.Constructing secure and effective code-based signature schemes has been an open problem. In this paper, we efficiently reduce the key size of the Durandal signature scheme introduced by Aragon et al.(EUROCRYPT 2019). We prove that the improved scheme is EUF-CMA secure by reducing its security to the advanced product spaces subspaces indistinguishability(PSSI+) problem, the decisional rank syndrome decoding(DRSD) problem, and the affine rank syndrome decoding(ARSD) problem under the random oracle model. Furthermore, our signature scheme is more secure than the Durandal scheme because recovering key attacks are equivalent to solving the rank syndrome decoding(RSD) problem, instead of the rank support learning(RSL) problem in the original Durandal scheme. Our signature scheme takes less time to generate a signature owing to the fact that our signature scheme enjoys smaller security parameters in comparison to the Duradual scheme. We compare the new scheme with existing code-based signature schemes and find that our signature scheme has advantages in terms of the public key size.

关 键 词：post-quantum cryptography code-based cryptography rank metric digital signatures provable security 

分 类 号：TN918[电子电信—通信与信息系统] O413[电子电信—信息与通信工程]