Description
This thesis aims to securely instantiate a post-quantum key-blinding signature scheme using a recent construction based on a commitment scheme. The focus is on using symmetric primitives, specifically the LowMC and AES block ciphers, and on providing secure and practically usable implementations. Key-blinding allows one to derive blinded public keys, which act as aliases for the underlying public key and therefore provide anonymity. Key-blinding schemes are crucial for maintaining anonymity and privacy, especially in applications such as the Tor network and the GNU Name System. However, the vulnerability of traditional cryptographic algorithms, such as RSA and ECC, to quantum computing requires the development of quantum-resistant key-blinding signature schemes.

In this thesis it is shown that the construction can be securely instantiated with both the LowMC and AES block ciphers, achieving full 128-bit security. The instantiation using LowMC is practically usable, with signature sizes of about 21 kB and signing and verification times of about 20 ms. The AES instantiation achieves slightly worse performance, with a signature size of about 33 kB and signing and verification times of about 35 ms.

All previously described key-blinding signature schemes based on the Picnic framework have a significant weakness in a multi-user setting, because they require a fixed system parameter. We implement an approach that mitigates this problem at the cost of only a slight increase in signature size.