Abstract
In addition to their usefulness in proving one’s identity electronically, identification protocols based on zero-knowledge proofs allow the design of secure cryptographic signature schemes by means of the Fiat–Shamir transform or similar constructs. This approach has been followed by many cryptographers during the NIST (National Institute of Standards and Technology) standardization process for quantum-resistant signature schemes. NIST candidates include solutions in different settings, such as lattices, multivariate systems, and multiparty computation. While error-correcting codes may also be used, they do not provide very practical parameters, with a few exceptions. In this manuscript, we explored the possibility of using the error-correcting codes proposed by Stakhov in 2006 to design an identification protocol based on zero-knowledge proofs. We showed that this type of code offers a valid alternative in the error-correcting code setting to build such protocols and, consequently, quantum-resistant signature schemes.
Highlights
Introduction: It is necessary to electronically prove one’s identity. Typical scenarios include local access to a computer account, remote login to a server over a network, ATM withdrawals, communication permissions through a port, and many others.
In many situations, it is necessary to electronically prove one’s identity.
An interactive identification scheme involving a commitment-challenge-response sequence can often be converted into a non-interactive signature scheme, by replacing the random challenge of the verifier by the output of a one-way hash applied to the concatenation of the commitment and the message to be signed.
Summary
It is necessary to electronically prove one’s identity. Typical scenarios include local access to a computer account, remote login to a server over a network, ATM withdrawals, communication permissions through a port, and many others. An interactive identification scheme involving a commitment-challenge-response sequence can often be converted into a non-interactive signature scheme, by replacing the random challenge of the verifier by the output of a one-way hash applied to the concatenation of the commitment and the message to be signed (the hash essentially plays the role of verifier). This technique has been used to design several quantum-resistant signature schemes based on error-correcting codes [1,2], lattices [3,4], multivariate systems [5], or multiparty computation [6], some of which are recent proposals in the NIST standardization process for quantum-secure public key cryptosystems [7]. In Appendix A, we provide a concrete example of our solution.