2023 Fiscal Year Annual Research Report
New Paradigm to Construct Public Key Cryptographic Schemes for Lightweight Devices with Provable Security against Quantum Attackers
Project/Area Number | 18K11292 |
Research Institution | The University of Electro-Communications |
Principal Investigator | SANTOSO BAGUS, The University of Electro-Communications, Graduate School of Informatics and Engineering, Associate Professor (40571956) |
Co-Investigator (Kenkyū-buntansha) | OHTA Kazuo, The University of Electro-Communications, Graduate School of Informatics and Engineering, Project Professor (80333491) |
Project Period (FY) | 2018-04-01 – 2024-03-31 |
Keywords | BKW Algorithm / Tensor Rank Problem / LPN Problem / Multi-Signature / Zero-Knowledge |
Outline of Annual Research Achievements |
In FY 2023, we proposed a new modification to the Blum-Kalai-Widgerson (BKW) algorithm, commonly used to solve Learning Parity with Noise (LPN) problems and Learning With Errors (LWE) lattice problems. LPN and LWE form the foundation of many post-quantum (PQ) cryptographic schemes, and the performance of the BKW algorithm helps determine the security parameters of these schemes. Our modification enhances the precision of the sample filtering sub-procedure in the LPN oracle, reducing the number of samples needed to solve LPN problems compared to the original BKW algorithm. This suggests that the security parameters of current PQ cryptographic schemes based on LPN and LWE may be insufficient, and larger parameters might be required to ensure practical security.
In another research area, we introduced a new computational problem based on the tensor rank problem and proved it to be NP-hard, meaning even quantum computers cannot solve it in the hardest cases. We also proposed a new zero-knowledge identification scheme based on this problem, ensuring security against quantum adversaries, assuming the average case of the problem remains hard for quantum computers.
Finally, we developed a new framework for constructing post-quantum multi-signatures, resulting in a two-round multi-signature scheme with nearly tight security under a decisional computational problem assumption. We implemented this framework using a standardized elliptic curve. The nearly tight security allows more flexibility in selecting key sizes while still ensuring practical security.
|