2013
DOI: 10.1007/978-3-642-42045-0_4
|View full text |Cite
|
Sign up to set email alerts
|

The Fiat–Shamir Transformation in a Quantum World

Abstract: Abstract. The Fiat-Shamir transformation is a famous technique to turn identification schemes into signature schemes. The derived scheme is provably secure in the random-oracle model against classical adversaries. Still, the technique has also been suggested to be used in connection with quantum-immune identification schemes, in order to get quantum-immune signature schemes. However, a recent paper by Boneh et al. (Asiacrypt 2011) has raised the issue that results in the random-oracle model may not be immedia… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
1
1
1

Citation Types

0
21
0

Year Published

2014
2014
2019
2019

Publication Types

Select...
6
2
1

Relationship

1
8

Authors

Journals

citations
Cited by 33 publications
(21 citation statements)
references
References 46 publications
0
21
0
Order By: Relevance
“…Although making the DSSs less efficient, schemes by Gentry et al [2008] and Lyubashevsky [2012] are respectively shown by Boneh and Zhandry [2013] and Dagdelen et al [2013] to be secure to such an adversary, creating the quantum random oracle model. This could also motivate an important area for future research, such as proving security for more DSSs to a quantum adversary or possibly creating a generic technique that could turn a DSS secure in the random oracle model to one secure in the quantum random oracle model.…”
Section: Future Workmentioning
confidence: 99%
“…Although making the DSSs less efficient, schemes by Gentry et al [2008] and Lyubashevsky [2012] are respectively shown by Boneh and Zhandry [2013] and Dagdelen et al [2013] to be secure to such an adversary, creating the quantum random oracle model. This could also motivate an important area for future research, such as proving security for more DSSs to a quantum adversary or possibly creating a generic technique that could turn a DSS secure in the random oracle model to one secure in the quantum random oracle model.…”
Section: Future Workmentioning
confidence: 99%
“…Let X 2 be the set of all N 2 size-two subsets of X. In addition to (14), we are also interested in the following two representations of W defined by its action on the sets Y × X and Y × X 2 , respectively: (σ, π) : (y, x) → (π(y), σ π(y) (x)),…”
Section: Definition 43 ([25 Chapter 4])mentioning
confidence: 99%
“…They also do not allow the extractor to use a purified (i.e., unitary) adversary to avoid measurements that introduce randomness. 3 The unforgeability proof from [14] is already almost a proof of the proof of knowledge property. And the techniques from [33] can probably be applied to show that the protocol form [14] is zero-knowledge.…”
Section: Introductionmentioning
confidence: 99%
“…Isogeny-based cryptosystems to date have dealt primarily with encryption, with the exception of the entity authentication protocol of [13, §3.1]. We remark that, although entity authentication in the classical setting enables data authentication via the Fiat-Shamir transformation [14], the Fiat-Shamir transformation fails against a quantum adversary [10]. This work, together with Sun et al's construction of strong designated verifier signatures [30], provides some evidence that isogenies can also be used as the basis for signatures and data authentication in the post-quantum setting.…”
Section: Related Workmentioning
confidence: 99%