An Identification Scheme from Lattice Distinguishing Problem
نویسنده
چکیده
We propose a new identification scheme from a newly introduced lattice problem. Our scheme is a provable identification problem based on a lattice problem. This affirmatively answers the question raised by Hoffstein and others on the possibility to construct a provable identification/signature scheme from lattice problems. We give a concrete realization of the identification scheme using the NTRU lattice. In this instance, the computation of the identification scheme is competitive to an RSA one. The drawback is higher communication cost. Possible related works are also discussed.
منابع مشابه
On the design and security of a lattice-based threshold secret sharing scheme
In this paper, we introduce a method of threshold secret sharing scheme (TSSS) in which secret reconstruction is based on Babai's nearest plane algorithm. In order to supply secure public channels for transmitting shares to parties, we need to ensure that there are no quantum threats to these channels. A solution to this problem can be utilization of lattice-based cryptosystems for these channe...
متن کاملA Concrete Treatment of Fiat-Shamir Signatures in the Quantum Random-Oracle Model
The Fiat-Shamir transform is a technique for combining a hash function and an identification scheme to produce a digital signature scheme. The resulting scheme is known to be secure in the random oracle model (ROM), which does not, however, imply security in the scenario where the adversary also has quantum access to the oracle. The goal of this current paper is to create a generic framework fo...
متن کاملA Lattice-Based Threshold Ring Signature Scheme
In this article, we propose a new lattice-based threshold ring signature scheme, modifying Aguilar’s code-based solution to use the short integer solution (SIS) problem as security assumption, instead of the syndrome decoding (SD) problem. By applying the CLRS identification scheme, we are also able to have a performance gain as result of the reduction in the soundness error to 1/2 per round. S...
متن کاملImproved Zero-Knowledge Identification with Lattices
Zero-knowledge identification schemes solve the problem of authenticating one party to another via an insecure channel without disclosing any additional information that might be used by an impersonator. In this paper we propose a scheme whose security relies on the existence of a commitment scheme and on the hardness of worst-case lattice problems. We adapt a code-based identification scheme d...
متن کاملConcurrently Secure Identification Schemes Based on the Worst-Case Hardness of Lattice Problems
In this paper, we show that two variants of Stern’s identification scheme [IEEE Transaction on Information Theory ’96] are provably secure against concurrent attack under the assumptions on the worst-case hardness of lattice problems. These assumptions are weaker than those for the previous lattice-based identification schemes of Micciancio and Vadhan [CRYPTO ’03] and of Lyubashevsky [PKC ’08]....
متن کامل