CryptoDB
A Complete Security Proof of SQIsign
Conference: CRYPTO 2025
Abstract: SQIsign is the leading digital signature from isogenies. Despite the many improvements that have appeared in the literature, all its recent variants lack a complete security proof. In this work, we provide the first full security proof of SQIsign, as submitted to the second round of NIST’s on-ramp track for digital signatures. To do so, we introduce a new framework, which we call Fiat–Shamir with hints, that captures all those protocols where the simulator needs additional information to simulate a transcript. Using this framework, we show that SQIsign is EUF-CMA secure in the ROM, assuming the hardness of the One Endomorphism problem with hints, or the hardness of the Full Endomorphism Ring problem with hints together with a hint indistinguishability assumption; all assumptions, unlike previous ones in the literature, are non-interactive. Along the way, we prove several intermediate results that may be of independent interest.
BibTeX
@inproceedings{crypto-2025-35706,
  title={A Complete Security Proof of SQIsign},
  publisher={Springer-Verlag},
  author={Andrea Basso and Marius A. Aardal and Luca De Feo and Sikhar Patranabis and Benjamin Wesolowski},
  year=2025
}