Quantum Security of a Compact Multi-Signature

Bibliographic Details
Main Author: Shaoquan Jiang
Format: Article
Language: English
Published: MDPI AG 2024-10-01
Series: Cryptography
Subjects:
Online Access:https://www.mdpi.com/2410-387X/8/4/50
Description
Summary: With the rapid advances in quantum computing, quantum security is now an indispensable property for any cryptographic system. In this paper, we study how to prove the security of a complex cryptographic system in the quantum random oracle model. We first give a variant of Zhandry's compressed random oracle (CStO), called a compressed quantum random oracle with adaptive special points (CStO_s). Then, we extend the on-line extraction technique of Don et al. (EUROCRYPT'22) from CStO to CStO_s. We also extend the random experiment technique of Liu and Zhandry (CRYPTO'19) for extracting the CStO query that witnesses the future adversarial output. With these preparations, a systematic security proof in the quantum random oracle model can start with a random CStO experiment (that extracts the witness for the future adversarial output) and then convert this game to one involving CStO_s. Next, the online extraction technique for CStO_s can be applied to extract the witness for any online commitment. With this strategy, we give a security proof of our recent compact multi-signature framework that is converted from any weakly secure linear ID scheme.
We also prove the quantum security of our recent lattice realization of this linear ID scheme by iteratively applying the weakly collapsing protocol technique of Liu and Zhandry (CRYPTO 2019). Combining these two results, we obtain the first quantum security proof for a compact multi-signature.
ISSN: 2410-387X