International Association for Cryptologic Research

International Association
for Cryptologic Research

CryptoDB

Paper: Security of the Fiat-Shamir Transformation in the Quantum Random-Oracle Model

Authors:
Jelle Don
Serge Fehr
Christian Majenz
Christian Schaffner
Download:
DOI: 10.1007/978-3-030-26951-7_13
Search ePrint
Search Google
Abstract: The famous Fiat-Shamir transformation turns any public-coin three-round interactive proof, i.e., any so-called $$\Sigma {\text {-protocol}}$$ , into a non-interactive proof in the random-oracle model. We study this transformation in the setting of a quantum adversary that in particular may query the random oracle in quantum superposition.Our main result is a generic reduction that transforms any quantum dishonest prover attacking the Fiat-Shamir transformation in the quantum random-oracle model into a similarly successful quantum dishonest prover attacking the underlying $$\Sigma {\text {-protocol}}$$ (in the standard model). Applied to the standard soundness and proof-of-knowledge definitions, our reduction implies that both these security properties, in both the computational and the statistical variant, are preserved under the Fiat-Shamir transformation even when allowing quantum attacks. Our result improves and completes the partial results that have been known so far, but it also proves wrong certain claims made in the literature.In the context of post-quantum secure signature schemes, our results imply that for any $$\Sigma {\text {-protocol}}$$ that is a proof-of-knowledge against quantum dishonest provers (and that satisfies some additional natural properties), the corresponding Fiat-Shamir signature scheme is secure in the quantum random-oracle model. For example, we can conclude that the non-optimized version of Fish, which is the bare Fiat-Shamir variant of the NIST candidate Picnic, is secure in the quantum random-oracle model.
BibTeX
@article{crypto-2019-29892,
  title={Security of the Fiat-Shamir Transformation in the Quantum Random-Oracle Model},
  booktitle={Advances in Cryptology – CRYPTO 2019},
  series={Lecture Notes in Computer Science},
  publisher={Springer},
  volume={11693},
  pages={356-383},
  doi={10.1007/978-3-030-26951-7_13},
  author={Jelle Don and Serge Fehr and Christian Majenz and Christian Schaffner},
  year=2019
}