
Jian Weng, Liehuang Zhu, Yunlei Zhao
2025, 15(4):397-399. DOI: 10.21655/ijsi.1673-7288.00355
Abstract:Preface
2025, 15(4):401-417. DOI: 10.21655/ijsi.1673-7288.00356
Abstract:In certain designs and applications of practical lattice-based cryptography, a specialized variant of the LWE problem, in which the public matrix is sampled from a non-uniform distribution, is required to establish the security of the corresponding cryptographic schemes. Recently, the community introduced the formal definition of LWE problems with semi-uniform seeds and proved the hardness of Euclidean, ideal, and module lattice-based LWE problems with semi-uniform seeds by reductions similar to those used in the hardness proofs of entropic LWE problems. However, the known reductions introduce significant losses in the Gaussian error parameters and lattice dimensions, and additional non-standard assumptions are required to show the hardness of LWE problems with semi-uniform seeds over rings. In this paper, a tighter reduction is proposed for LWE problems with semi-uniform seeds by incorporating modified techniques from the hardness proofs of Hint-LWE problems. The proposed reduction is unaffected by the algebraic structure of the underlying problem and applies uniformly to Euclidean, ideal, and module lattice-based LWE problems with semi-uniform seeds. The hardness of these problems is thereby established under standard LWE assumptions, without any additional non-standard assumption. Furthermore, the dimension of the corresponding LWE problem remains unchanged, and the reduction introduces only a minimal loss in the Gaussian error parameters.
Yatao Yang, Fangrui Yin, Liangyu Chen, Deng Pan
2025, 15(4):419-433. DOI: 10.21655/ijsi.1673-7288.00360
Abstract:SPHINCS+ is a stateless digital signature scheme built entirely from hash functions and has been shown to resist quantum computing attacks. However, its wide practical application is constrained by the large size of the signatures it generates. To address the lengthy signatures produced by the WOTS+ one-time signature scheme inside SPHINCS+, a compact one-time signature scheme, SM3-OTS, based on the Chinese cryptographic hash algorithm SM3, is proposed in this paper. The proposed scheme uses the binary and hexadecimal representations of the message digest as the indices of node positions in the first 32 hash chains and the last 16 hash chains, respectively. This approach reduces both the key length and the signature length compared with traditional hash-based one-time signature schemes. Compared with WOTS+ in SPHINCS+, Balanced WOTS+ in SPHINCS-α, and WOTS+C in SPHINCS+C, the proposed SM3-OTS shortens the signature length by about 2%, 27%, and 26%, respectively, with a significant improvement in signing performance. In addition, by adopting the SM3 algorithm, SM3-OTS exhibits strong resistance to quantum attacks while maintaining well-balanced overall performance.
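The abstract compares SM3-OTS against WOTS+ purely by signature length, so it helps to see where that length comes from. The following is an added example, not code from the paper or from SPHINCS+: a generic Winternitz-style one-time signature over SHA-256 (used here as a stand-in for SM3, which is not in every Python build) with the WOTS+ baseline parameters n = 32 bytes and w = 16. It does not reproduce the paper's 32+16 chain layout; it shows the standard accounting of len1 message chains plus len2 checksum chains, each contributing one n-byte node to the signature, and the keygen, sign and verify steps that follow from it. Seeds and messages are constructed values.

```python
"""Winternitz-style hash-chain one-time signature (added example, not SM3-OTS).

Standard WOTS+-like layout: the 256-bit digest is split into 64 base-16
digits (len1 chains) plus a 3-digit checksum (len2 chains); signature =
(len1 + len2) * n bytes = 67 * 32 = 2144 bytes, the WOTS+ baseline in SPHINCS+.
"""
import hashlib

N = 32                      # digest / chain-node size in bytes
W = 16                      # Winternitz parameter: one base-16 digit per chain
LOG_W = 4
LEN1 = (8 * N) // LOG_W     # 64 chains carry the message digest
LEN2 = 3                    # checksum digits: max checksum 64*15 = 960 < 16**3
LEN = LEN1 + LEN2           # 67 chains in total


def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()   # stand-in for SM3


def chain(x: bytes, start: int, steps: int, pub_seed: bytes, addr: int) -> bytes:
    """Apply `steps` hash iterations to x, beginning at chain position `start`.
    pub_seed, chain index and position are mixed in for domain separation."""
    for pos in range(start, start + steps):
        x = H(pub_seed + addr.to_bytes(2, "big") + pos.to_bytes(1, "big") + x)
    return x


def base_w(digest: bytes) -> list:
    """Split a digest into base-16 digits (one per hash chain)."""
    digits = []
    for b in digest:
        digits += [b >> 4, b & 0xF]
    return digits


def with_checksum(digits: list) -> list:
    """Append the checksum digits that stop an attacker from advancing chains."""
    c = sum(W - 1 - d for d in digits)
    return digits + [(c >> (LOG_W * (LEN2 - 1 - i))) & (W - 1) for i in range(LEN2)]


def keygen(secret_seed: bytes, pub_seed: bytes):
    sk = [H(b"sk" + secret_seed + i.to_bytes(2, "big")) for i in range(LEN)]
    pk = [chain(sk[i], 0, W - 1, pub_seed, i) for i in range(LEN)]   # chain ends
    return sk, pk


def sign(msg: bytes, sk: list, pub_seed: bytes) -> list:
    digits = with_checksum(base_w(H(msg)))
    return [chain(sk[i], 0, digits[i], pub_seed, i) for i in range(LEN)]


def verify(msg: bytes, sig: list, pk: list, pub_seed: bytes) -> bool:
    if len(sig) != LEN:
        return False
    digits = with_checksum(base_w(H(msg)))
    # Finishing each chain from the signed position must land on the public key.
    return all(chain(sig[i], digits[i], W - 1 - digits[i], pub_seed, i) == pk[i]
               for i in range(LEN))


def signature_size_bytes(n: int = N, w: int = W) -> int:
    """General WOTS-style length accounting for any n and power-of-two w."""
    log_w = w.bit_length() - 1
    len1 = -(-8 * n // log_w)                                   # ceil(8n / log_w)
    len2 = ((len1 * (w - 1)).bit_length() - 1) // log_w + 1     # floor(log2(len1*(w-1))/log_w)+1
    return (len1 + len2) * n


if __name__ == "__main__":
    secret_seed, pub_seed = b"constructed secret seed", b"constructed public seed"
    sk, pk = keygen(secret_seed, pub_seed)
    sig = sign(b"constructed message", sk, pub_seed)
    print("chains:", len(sig), "signature bytes:", len(sig) * N)
    print("verify:", verify(b"constructed message", sig, pk, pub_seed))
    print("w=256 would give", signature_size_bytes(32, 256), "bytes")
```

Raising w shortens the signature (fewer chains) at the cost of longer chains, which is exactly the size/speed trade-off the abstract's percentages are measured against; a real deployment must also never sign two messages with the same one-time key, which the surrounding SPHINCS+ hypertree takes care of.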
Yue Hu, Xuyang Zhao, Wei Wang, Qian Yuan, Jieyu Zheng, Yafang Yang
2025, 15(4):435-463. DOI: 10.21655/ijsi.1673-7288.00358
Abstract:Digital signature algorithms play a vital role in network security infrastructure. The majority of current digital signature schemes rely on RSA and ECC. However, with the rapid advancement of quantum computing, traditional public-key cryptographic schemes face increasing security risks. As a result, researching and deploying cryptographic schemes capable of resisting quantum attacks has become a critical research direction. Following multiple rounds of evaluation and analysis, the National Institute of Standards and Technology (NIST) announced the post-quantum digital signature standard ML-DSA (FIPS 204) in August 2024, with Dilithium as its core algorithm. In light of the high-dimensional polynomial matrix operations characteristic of Dilithium, this paper proposes several optimization strategies for the FPGA platform. These include multifunctional systolic array operation units with configurable parameters, dedicated parallel polynomial sampling modules, reconfigurable storage units designed for multiple parameter sets, and high-parallelism timing state machines tailored to complex multi-module architectures. These optimizations overcome performance bottlenecks and improve signing efficiency, resulting in a digital signature hardware architecture that supports all three security levels simultaneously. The proposed architecture is deployed and evaluated on the Xilinx Artix-7 FPGA platform and compared against existing implementations. The results show that the proposed design improves signing efficiency by factors of 7.4, 8.3, and 5.6 across the three security levels, respectively. This advancement provides a solid performance foundation for quantum-resistant digital signature applications and offers useful insights for the engineering and practical deployment of lattice-based cryptographic schemes.
Chuan Zhang, Xuhao Ren, Haotian Deng, Yajie Wang, Chunhai Li, Tong Wu, Licheng Wang
2025, 15(4):465-494. DOI: 10.21655/ijsi.1673-7288.00361
Abstract:With the widespread application of blockchain technology, authenticated storage, as a core component, plays a crucial role in ensuring data integrity and consistency. In traditional blockchain systems, authenticated storage is maintained through a series of cryptographic algorithms that verify transactions and preserve the integrity of ledger states. However, the advent of quantum computers poses a significant threat to existing blockchain authenticated storage techniques, raising the risk of data breaches and compromised integrity. The most advanced authenticated storage schemes primarily rely on the bilinear Diffie-Hellman assumption, which is vulnerable to quantum attacks. To enhance the security and efficiency of authenticated storage, this paper introduces a stateless hash-based signature mechanism and proposes EQAS, a quantum-resistant blockchain authenticated storage scheme. The proposed scheme decouples data storage from data authentication, uses random forest chains to generate commitment proofs efficiently, and employs a hypertree structure to perform authentication efficiently. Security analysis shows that EQAS resists attacks by quantum algorithms. Comparative experiments with other authenticated storage schemes demonstrate the superior efficiency and performance of EQAS on blockchain authenticated storage tasks.
Yutian Wang, Shurui Jia, Mingxi Chen, Yifan Dong, Yafang Yang
2025, 15(4):495-519. DOI: 10.21655/ijsi.1673-7288.00359
Abstract:With the development of quantum computers, public blockchains that rely on traditional elliptic curve digital signatures are expected to face disruptive security risks. A common solution is to apply post-quantum digital signature algorithms within blockchain systems. For public blockchains using the proof-of-work consensus mechanism, sufficient computing power is regarded as a critical foundation for security, and energy conservation together with maximizing the computing power available to the chain have been identified as key research directions. Therefore, a post-quantum blockchain system featuring diversified computing power and an autonomous post-quantum signature is proposed in this paper. The Dilithium signature scheme, recommended by the National Institute of Standards and Technology (NIST) as the preferred general-purpose post-quantum signature standard, relies on the hardness of the MLWE and MSIS problems in power-of-two cyclotomic rings. However, just as Bitcoin adopted ECDSA early on without using the NIST-specified elliptic curves, the rich algebraic structure of power-of-two cyclotomic rings poses greater risks and uncertainty for long-term security. To address this, a more conservative approach based on post-quantum lattice-based cryptography with less algebraic structure is constructed. In this paper, a Dilithium variant, Dilithium-Prime, based on a large-Galois-group prime-degree prime-ideal field, is proposed as the signature algorithm of the post-quantum blockchain system to provide high-confidence transaction signing with post-quantum security. To maximize the computing power supporting the post-quantum public blockchain and to address the current decline in mining pool and miner income, a multi-parent-chain auxiliary proof-of-work consensus mechanism is introduced. This mechanism lets the chain draw computing power from all miners performing SHA-256 and Scrypt hash computations to assist in consensus, without increasing the workload of existing miners and mining pools. As a result, the sources of computing power for the post-quantum blockchain are expanded, and the utilization of existing mining pools and miners is improved. In addition, a block and transaction structure, along with a difficulty adjustment algorithm tailored to this multi-parent-chain auxiliary proof-of-work mechanism, is proposed. The system stabilizes the block production ratio and block time across different levels of computing power and responds effectively to extreme cases, such as sudden surges or drops in computing power, ensuring the system's robustness.
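The abstract describes drawing SHA-256 and Scrypt hash power from other chains' miners without extra work for them, which is the merged-mining (auxiliary proof-of-work) pattern: a parent-chain miner commits to a child block inside the header it is mining anyway, and the child chain accepts the parent's proof of work if it meets the child's own target for that algorithm. The following is an added example, not the paper's protocol or code; it models that check in simplified form with constructed toy headers, one per-algorithm target, and a generic clamped retarget rule standing in for the paper's difficulty adjustment. Header fields, the `commitment` name, the Scrypt parameters (Litecoin-style N=1024, r=1, p=1) and the 4x clamp are all assumptions.

```python
"""Simplified multi-algorithm auxiliary proof-of-work check (added example).

Parent miners on a SHA-256d chain and on a Scrypt chain embed the child
block hash in their own header ("commitment", standing in for a coinbase
commitment). The child chain verifies (1) the algorithm is one it credits,
(2) the parent commits to exactly this child block, and (3) the parent's
work meets the child's target for that algorithm. Toy JSON headers only.
"""
import hashlib
import json


def sha256d(data: bytes) -> bytes:
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()


def scrypt_pow(data: bytes) -> bytes:
    # Assumed Litecoin-style parameters; the header doubles as the salt.
    return hashlib.scrypt(data, salt=data, n=1024, r=1, p=1, dklen=32)


HASHERS = {"sha256d": sha256d, "scrypt": scrypt_pow}


def serialize(header: dict) -> bytes:
    return json.dumps(header, sort_keys=True, separators=(",", ":")).encode()


def child_block_hash(child_header: dict) -> bytes:
    return hashlib.sha256(serialize(child_header)).digest()


def meets_target(digest: bytes, target: int) -> bool:
    return int.from_bytes(digest, "big") <= target


def mine_parent(template: dict, algo: str, target: int, max_nonce: int = 1_000_000) -> dict:
    """Grind the nonce of a parent header until its PoW meets `target`."""
    hasher = HASHERS[algo]
    for nonce in range(max_nonce):
        candidate = dict(template, nonce=nonce)
        if meets_target(hasher(serialize(candidate)), target):
            return candidate
    raise RuntimeError("no solution within nonce range")


def verify_auxpow(child_header: dict, parent_header: dict, algo: str, targets: dict) -> bool:
    """Child-chain acceptance rule for a parent block's proof of work."""
    if algo not in targets:                       # algorithm not credited by the child chain
        return False
    if parent_header.get("commitment") != child_block_hash(child_header).hex():
        return False                              # parent does not commit to this child block
    return meets_target(HASHERS[algo](serialize(parent_header)), targets[algo])


def retarget(old_target: int, actual_span: int, expected_span: int, max_factor: int = 4) -> int:
    """Per-algorithm retarget: scale the target by observed/expected block time,
    clamped to [1/max_factor, max_factor] so a hash-rate surge or drop cannot
    swing difficulty arbitrarily in one step (generic rule, not the paper's)."""
    span = min(max(actual_span, expected_span // max_factor), expected_span * max_factor)
    return old_target * span // expected_span


if __name__ == "__main__":
    child = {"height": 1, "prev": "00" * 32, "txroot": "11" * 32}       # constructed
    targets = {"sha256d": 2**256 >> 6, "scrypt": 2**256 >> 6}          # easy toy targets
    commit = child_block_hash(child).hex()
    for algo in ("sha256d", "scrypt"):
        parent = mine_parent({"parent_chain": algo, "commitment": commit, "prev": "22" * 32},
                             algo, targets[algo])
        print(algo, "nonce", parent["nonce"], "accepted:", verify_auxpow(child, parent, algo, targets))
    print("slow blocks -> easier target:", retarget(1000, 2000, 1000))
```

Keeping a separate target per algorithm is what lets the child chain hold a stable production ratio between SHA-256 and Scrypt miners: each family is retargeted against its own observed block time, so a surge on one parent chain does not starve the other.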
