SQIsign

SQIsign is a post-quantum signature scheme submitted to first round of the post-quantum standardisation process. It is based around a proof of knowledge of an elliptic curve endomorphism that can be transformed to a signature scheme using the Fiat–Shamir transform.

It promises small key sizes between 64 and 128 bytes and small signature sizes between 177 and 335 bytes, which outperforms other post-quantum signature schemes that have a trade-off between signature and key sizes. SQIsign, however, has higher signing and verification times. The original paper concluded that their C implementation takes 0.6 s for key generation, 2.5 s for a sign operation and 0.05 s or 50 ms for a verification operation.

These times have been improved with new variations like SQIsign-east.

The name stands for "Short Quaternion and Isogeny Signature" as it makes use of isogenies and quaternions.

Security

SQIsign's security relies on the hardness of the endomorphism ring problem, which is currently considered hard.

The authors also provide a rationale for the chosen parameters in the last chapter of the specification.

While SQIsign makes use of a similar construction, the weaknesses of SIDH do not translate to it.

Implementations

There is a reference implementation hosted on GitHub.

Variants

There are a couple of variants based on the original SQIsign:

  • SQIsignHD: New dimensions in cryptography
  • SQIsign2D-West: The fast, the small, and the safer
  • SQIsign2D‑East: A new signature scheme using 2-dimensional isogenies
  • SQIPrime: A dimension 2 variant of SQISignHD with non-smooth challenge isogenies

References


Retrieved from "https://en.wikipedia.org/w/index.php?title=SQIsign&oldid=1260920929"
Uses material from the Wikipedia article SQIsign, released under the CC BY-SA 4.0 license.