CryptoDB
Peter Schwabe
Publications
- 2018, PKC: SOFIA: $\mathcal{MQ}$-Based Signatures in the QROM
  Abstract: We propose SOFIA, the first $\mathcal{MQ}$-based signature scheme provably secure in the quantum-accessible random oracle model (QROM). Our construction relies on an extended version of Unruh's transform for 5-pass identification schemes that we describe and prove secure both in the ROM and QROM. Based on a detailed security analysis, we provide concrete parameters for SOFIA that achieve 128-bit post-quantum security. The result is SOFIA-4-128 with parameters carefully optimized to minimize signature size and maximize performance. SOFIA-4-128 comes with an implementation targeting recent Intel processors with the AVX2 vector-instruction set; the implementation is fully protected against timing attacks.
- 2018, TCHES: CRYSTALS-Dilithium: A Lattice-Based Digital Signature Scheme
  Abstract: In this paper, we present the lattice-based signature scheme Dilithium, which is a component of the CRYSTALS (Cryptographic Suite for Algebraic Lattices) suite that was submitted to NIST's call for post-quantum cryptographic standards. The design of the scheme avoids all uses of discrete Gaussian sampling and is easily implementable in constant time. For the same security levels, our scheme has a public key that is 2.5X smaller than the previously most efficient lattice-based schemes that did not use Gaussians, while having essentially the same signature size. In addition to the new design, we significantly improve the running time of the main component of many lattice-based constructions – the number theoretic transform. Our AVX2-based implementation results in a speed-up of roughly a factor of 2 over the previously best algorithms that appear in the literature. The techniques for obtaining this speed-up also have applications to other lattice-based schemes.
- 2017, CHES: High-Speed Key Encapsulation from NTRU
  Abstract: This paper presents software demonstrating that the 20-year-old NTRU cryptosystem is competitive with more recent lattice-based cryptosystems in terms of speed, key size, and ciphertext size. We present a slightly simplified version of textbook NTRU, select parameters for this encryption scheme that target the 128-bit post-quantum security level, construct a KEM that is CCA2-secure in the quantum random oracle model, and present highly optimized software targeting Intel CPUs with the AVX2 vector instruction set. This software takes only 307 914 cycles for the generation of a keypair, 48 646 for encapsulation, and 67 338 for decapsulation. It is, to the best of our knowledge, the first NTRU software with full protection against timing attacks.
- 2017, CHES: Gimli: A Cross-Platform Permutation
  Abstract: This paper presents Gimli, a 384-bit permutation designed to achieve high security with high performance across a broad range of platforms, including 64-bit Intel/AMD server CPUs, 64-bit and 32-bit ARM smartphone CPUs, 32-bit ARM microcontrollers, 8-bit AVR microcontrollers, FPGAs, ASICs without side-channel protection, and ASICs with side-channel protection.
Program Committees
- Crypto 2021
- CHES 2021 (Program chair)
- CHES 2021
- Eurocrypt 2020
- CHES 2020
- CHES 2019
- CHES 2018
- Asiacrypt 2017
- Asiacrypt 2016
- Eurocrypt 2016
- PKC 2016
- PKC 2015
- Asiacrypt 2015
- CHES 2015
- CHES 2014
- Asiacrypt 2013
Coauthors
- Gerd Ascheid (1)
- Dominik Auras (1)
- Lejla Batina (1)
- Daniel J. Bernstein (7)
- Ming-Shing Chen (2)
- Tung Chou (1)
- Chitchanok Chuengsatiansup (1)
- Léo Ducas (1)
- Niels Duif (1)
- Daira Hopwood (1)
- Andreas Hülsing (5)
- Michael Hutter (1)
- David Kammler (1)
- Emilia Käsper (1)
- Eike Kiltz (1)
- Stefan Kölbl (1)
- Tanja Lange (4)
- Markus Langenberg (1)
- Tancrède Lepoint (1)
- Stefan Lucks (1)
- Vadim Lyubashevsky (1)
- Pedro Maat Costa Massolino (1)
- Rudolf Mathar (1)
- Florian Mendel (1)
- Elke De Mulder (1)
- Kashif Nawaz (1)
- Ruben Niederhagen (1)
- Louiza Papachristodoulou (1)
- Joost Renes (1)
- Joost Rijneveld (4)
- Simona Samardjiska (2)
- John M. Schanck (1)
- Hanno Scharwächter (1)
- Jürgen Schilling (1)
- Tobias Schneider (1)
- Michael Schneider (1)
- Gregor Seiler (1)
- Benjamin Smith (1)
- François-Xavier Standaert (1)
- Damien Stehlé (1)
- Yosuke Todo (1)
- Benoît Viguier (1)
- Wolfgang Wieser (1)
- Zooko Wilcox-O'Hearn (1)
- Bo-Yin Yang (1)
- Diandian Zhang (1)