The Cracking of WalnutDSA: A Survey

Symmetry, 2019, Vol 11 (9), pp. 1072
Author(s): José Ignacio Escribano Pablos, María Isabel González Vasco, Misael Enrique Marriaga, Ángel Luis Pérez del Pozo

This paper reports on the Walnut Digital Signature Algorithm (WalnutDSA), which is an asymmetric signature scheme recently presented for standardization at the NIST call for post-quantum cryptographic constructions. WalnutDSA is a group theoretical construction, the security of which relies on the hardness of certain problems related to an action of a braid group on a finite set. In spite of originally resisting the typical attacks succeeding against this kind of construction, soon different loopholes were identified rendering the proposal insecure (and finally, resulting in it being excluded from Round 2 of the NIST competition). Some of these attacks are related to the well-structured and symmetric masking of certain secret elements during the signing process. We explain the design principles behind this proposal and survey the main attack strategies that have succeeded, contradicting its claimed security properties, as well as the recently-proposed ideas aimed at overcoming these issues.

2020, Vol 15 (1), pp. 237-249
Author(s): Matvei Kotov, Anton Menshov, Alexander Ushakov

We analyze security properties of a two-party key-agreement protocol recently proposed by I. Anshel, D. Atkins, D. Goldfeld, and P. Gunnels, called the Kayawood protocol. At the core of the protocol is an action (called E-multiplication) of a braid group on some finite set. The protocol assigns a secret element of a braid group to each party (private key). To disguise those elements, the protocol uses a so-called cloaking method that multiplies private keys on the left and on the right by specially designed elements (stabilizers for E-multiplication). We present a heuristic algorithm that allows a passive eavesdropper to recover Alice’s private key by removing cloaking elements. Our attack has a 100% success rate on randomly generated instances of the protocol for the originally proposed parameter values and for recent proposals that suggest inserting many cloaking elements at random positions of the private key. An implementation of the attack is available on GitHub.


2018, Vol 5 (6), pp. 180410
Author(s): I. Stewart, D. Ilie, A. Zamyatin, S. Werner, M. F. Torshizi, ...

Quantum computers are expected to have a dramatic impact on numerous fields due to their anticipated ability to solve classes of mathematical problems much more efficiently than their classical counterparts. This particularly applies to domains involving integer factorization and discrete logarithms, such as public key cryptography. In this paper, we consider the threats a quantum-capable adversary could impose on Bitcoin, which currently uses the Elliptic Curve Digital Signature Algorithm (ECDSA) to sign transactions. We then propose a simple but slow commit–delay–reveal protocol, which allows users to securely move their funds from old (non-quantum-resistant) outputs to those adhering to a quantum-resistant digital signature scheme. The transition protocol functions even if ECDSA has already been compromised. While our scheme requires modifications to the Bitcoin protocol, these can be implemented as a soft fork.


2017, Vol 2017, pp. 1-10
Author(s): Chao Yuan, Mi-xue Xu, Xue-ming Si

With the rise of Bitcoin, blockchain, which is the core technology of Bitcoin, has received increasing attention. Privacy preservation and performance on blockchain are two research points in academia and business, but there are still some unresolved issues in both respects. An aggregate signature scheme is a digital signature that supports making signatures on many different messages generated by many different users. Using aggregate signatures, the size of the signature can be shortened by compressing multiple signatures into a single signature. In this paper, a new signature scheme for transactions on blockchain based on the aggregate signature is proposed. It is worth noting that the elliptic curve discrete logarithm problem and bilinear maps play major roles in our signature scheme, and the security properties of our signature scheme are proved. In our signature scheme, the amount will be hidden, especially in transactions which contain multiple inputs and outputs. Additionally, the size of the signature on a transaction is constant regardless of the number of inputs and outputs that the transaction contains, which can improve the performance of signing. Finally, we give an application scenario for our signature scheme which aims to achieve transactions of big data on blockchain.


CCIT Journal, 2013, Vol 6 (3), pp. 265-286
Author(s): Untung Rahardja, Muhamad Yusup, Ari Asmawati

The purpose of implementing web-based information systems is to allow users to access information anywhere and anytime. Especially in making outgoing letters, a wet signature is still used, so that it has not been able to provide information quickly and accurately. There are 7 (seven) identified points concerning the handling and processing of the papers today. However, the problem can be solved by building a Digital Signature Design that is online, so it can reduce the error rate and the information obtained is really precise, accurate and in accordance with the needs. Obviously with the directional flow methodology description, ranging from the Digital Signature illustration figure, the flow distribution of Digital Signature sub-parts, the Digital Signature flowchart, the Digital Signature cycle and the Digital Signature Use Case. From the Literature Review, there has been much research on the Digital Signature Algorithm and Digital Signature Scheme. In the implementation phase of the prototype, the design of the Digital Signature is described in detail, and the program listings are shown to display a letter that has been approved and has been signed. It can also be generated as an authentication system called digital signature, which is a way to ensure the authenticity of an electronic document and to keep documents so that in time the sender cannot deny that she has sent the document.


2020, Vol 25 (3), pp. 275-280
Author(s): Daniel Zentai

Post-quantum (or quantum-resistant) cryptography refers to a set of cryptographic algorithms that are thought to remain secure even in the world of quantum computers. These algorithms are usually considered to be inefficient because of their big keys or their running time. However, if quantum computers become a reality, security professionals will not have any other choice but to use these algorithms. The Lamport signature is a hash-based one-time digital signature algorithm that is thought to be quantum-resistant. In this paper we describe some simulation results related to the efficiency of the Lamport signature.


Author(s): Manoj Kumar Chande, Balwant Singh Thakur

In this work, we propose a proxy-protected proxy multi-signature scheme based on the Elliptic Curve Digital Signature Algorithm (ECDSA), which aims at providing data authenticity, integrity, and non-repudiation to satisfy the basic properties of partial delegation proxy signature described by Mambo et al. as well as the strong proxy signature properties defined by Lee et al. The proposed signing/verifying scheme combines the advantages of proxy-protected signature and multi-signature schemes. The security of the proposed schemes is based on the difficulty of breaking the elliptic curve discrete logarithm problem (ECDLP). The proposed scheme is faster and more secure than multi-signatures based on factoring or the discrete logarithm problem (DLP). The final multi-signature of a message can be verified individually for each signer or collectively for a subgroup or the entire group as well. Finally, the proposed proxy-protected proxy multi-signature schemes can be used in E-commerce and E-government applications, which can be implemented using low-power and small processing devices.


Author(s): Dhanashree Toradmalle, Jayabhaskar Muthukuru, B Sathyanarayana

With the internet today available at the user’s beck and call, data or Information Security plays a vital role. Confidentiality, Integrity, Availability, and Non-repudiation are the pillars of security on which every application on the web is based. With these basic requirements, users also need security in low-resource, constrained environments, making it more challenging for security experts to design secure cryptographic algorithms. Digital Signatures play a pivotal role in Authentication. They help in verifying the integrity of the data being exchanged. Elliptical curves are the strongest contenders in Digital Signatures, and much research is being done to enhance the method in many ways. The paper briefs a secured and improved ECDSA (Elliptical Curve Digital Signature Algorithm), which is an improved and secured version of the Digital Signature Algorithm.


Author(s): Daniel Kales, Greg Zaverucha

Picnic is a digital signature algorithm designed to provide security against attacks by quantum computers. The design uses only symmetric-key primitives, and is an efficient instantiation of the MPC-in-the-head paradigm. In this work, we explore the Picnic design in great detail. We investigate and benchmark different parameter choices and show that there exist better parameter choices than those in the current specification. We also present improvements to the MPC protocol that shorten signatures and reduce signing time. The proposed MPC changes tailor the protocol to the circuit of interest in Picnic, but may also be of independent interest. Taken together, these changes give a new instantiation of Picnic that signs messages 7.9 to 13.9 times faster, and verifies signatures 4.5 to 5.5 times faster than the existing “Picnic2” design, while having nearly the same signature sizes.

