SOLMAE:
quantum-Secure algOrithm for Long-term Message Authentication and Encryption

This webpage introduces the SOLMAE signature scheme submitted to the Korean Post-Quantum Competition. SOLMAE is a lattice-based signature scheme inspired by several pioneering works and stands for quantum-Secure algOrithm for Long-term Message Authentication and Encryption. At its core, it is based on the hash-then-sign signature paradigm proposed by Gentry, Peikert and Vaikuntanathan [GPV08]. To be instantiated efficiently, this framework needs a class of lattices with efficiently computable trapdoor bases for the signing procedure.

  • Compactness: the signature size, and the combined size of verification key plus signature, are comparable to Falcon’s, which was the lightest in bandwidth consumption among the winning signatures in NIST’s competition.
  • Simplicity and efficiency: the hybrid sampler is tailored to exploit the algebraic structures of NTRU lattices, involves only straightforward, elementary operations between polynomials, and is practically more efficient than the FFO sampler.
  • Side-channel resilience: masking SOLMAE can be done with standard and well-understood countermeasures, at cheaper overhead than Falcon.
  • Hybrid sampler: a faster, simpler, parallelizable and maskable Gaussian sampler to generate signatures.
  • Optimally tuned key generation algorithm: enhancing the security of our new sampler to that of Falcon’s level.
  • Dedicated compression techniques: reduce bandwidth consumption even further, at no cost to security according to our analyses.

Performance


News

  • This webpage was opened. (Aug. 8, 2023)
  • 1R SOLMAE package was submitted. (Oct. 31, 2022)
  • 1R SOLMAE specification was revised. (Feb. 19, 2023)


Resources

  • Specification
    • 1R Submitted Ver. 1.0 (Oct. 31, 2022) [pdf]
    • 1R Revised Ver. 1.1 (Feb. 19, 2023) [pdf]
  • C Source
    • 1R Submitted Package Ver. 1.0 (Oct. 31, 2022) [download]
  • Python Source
    • Uploaded Github Ver. 1.0 (Jul. 25, 2023) [github]

About us


Publications

1. Thomas Espitau, Pierre-Alain Fouque, François Gérard, Mélissa Rossi, Akira Takahashi, Mehdi Tibouchi, Alexandre Wallet, and Yang Yu, “Mitaka: A Simpler, Parallelizable, Maskable Variant of Falcon”, Proc. of Eurocrypt2022, Part III, pp.222-254. [pdf]
2. Thomas Espitau, Mehdi Tibouchi, Alexandre Wallet, and Yang Yu, “Shorter Hash-and-Sign Lattice-Based Signatures”, Proc. of Crypto2022, Part II, pp.245-276. [pdf]
3. Kwangjo Kim, “How SOLMAE was designed”, Proc. of CISC_S2023, Gangwon National Univ., Jun.22-23, 2023, Chun Cheon, Korea. [pdf]
4. Kwangjo Kim, “Theoretical and Empirical Analysis of FALCON and SOLMAE using their Python Implementation”, Accepted to ICISC2023, Seoul, Korea. [pdf]
5. Léo Ducas, Thomas Espitau, and Eamonn W. Postlethwaite, “Finding Short Integer Solutions When the Modulus Is Small”, Proc. of Crypto2023, Part III, pp.150-176. [pdf]
6. Thomas Espitau, Thi Thu Quyen Nguyen, Chao Sun, Mehdi Tibouchi, and Alexandre Wallet, “Antrag: Annular NTRU Trapdoor Generation”, Presented to Asiacrypt2023, Guangzhou, China. [pdf], [slides]
7. Thomas Espitau, Alexandre Wallet, and Yang Yu, “On Gaussian Sampling, Smoothing Parameter and Application to Signatures”, Presented to Asiacrypt2023, Guangzhou, China. [pdf]
8. Kwangjo Kim and YeonJun Kim, “Asymptotic complexity and performance comparison of Falcon and SOLMAE from their C implementation”, Submitted. [pdf]
9. Kwangjo Kim, Mehdi Tibouchi, Alexandre Wallet, Thomas Espitau, Yang Yu and YeonJun Kim, “SOLMAE: Faster and simpler quantum-safe signature based on NTRU-lattices”, [pdf]