đŸ‡źđŸ‡· Iran Proxy | https://www.wikipedia.org/wiki/SQIsign
Jump to content

SQIsign

Add links
From Wikipedia, the free encyclopedia
SQIsign
General
DesignersJorge Chavez-Saab, Maria Corte-Real Santos, Luca De Feo, Jonathan Komada Eriksen, Basil Hess, David Kohel, Antonin Leroux, Patrick Longa, Michael Meyer, Lorenz Panny, Sikhar Patranabis, Christophe Petit, Francisco RodrĂ­guez HenrĂ­quez, Sina Schaeffler, Benjamin Wesolowski[1]
First published1 June 2023 (2 years ago) (2023-06-01)
Cipher detail
Key sizes64, 96 or 128 bytes depending on the NIST parameter set[2]
StructureSupersingular isogeny graph
Best public cryptanalysis
No known attacks. The SQIsign2D-East variant suffers from a specific vulnerability.[3]

SQIsign is a post-quantum signature scheme submitted to first round of the post-quantum standardisation process. It is based around a proof of knowledge of an elliptic curve[a] endomorphism that can be transformed to a signature scheme using the Fiat–Shamir transform.

It promises small key sizes between 64 and 128 bytes and small signature sizes between 177 and 335 bytes, which outperforms other post-quantum signature schemes that have a trade-off between signature and key sizes. SQIsign, however, has higher signing and verification times.[4] The original paper concluded that their C implementation takes 0.6 s for key generation, 2.5 s for a sign operation and 0.05 s or 50 ms for a verification operation.[5]

These times have been improved with new variations like SQIsign-east.[6]

The name stands for "Short Quaternion and Isogeny Signature" as it makes use of isogenies and quaternions.

Security

[edit]

SQIsign's security relies on the hardness of the endomorphism ring problem, which is currently considered hard.[7][8]

The authors also provide a rationale for the chosen parameters in the last chapter of the specification.[1]

While SQIsign makes use of a similar construction, the weaknesses of SIDH do not translate to it.[1]

There is a security proof for SQIsign.[9]

Implementations

[edit]

There is a reference implementation hosted on GitHub.

SQIsign 2.0

[edit]

The team behind SQIsign improved the original design in their round 2 submission and incorporated improvements from the SQIsign2D-West variant.[10]

This has improved the signing time by a factor of 20 and the verification time by a factor of 6 while increasing the security level and reducing the signature size by 14%.[10]: 6 

Variants

[edit]

There are a couple of variants based on the original SQIsign:[11]

  • SQIsignHD: New dimensions in cryptography[12]
  • SQIsign2D-West: The fast, the small, and the safer[13]
  • SQIsign2D‑East: A new signature scheme using 2-dimensional isogenies[3]
  • SQIPrime: A dimension 2 variant of SQISignHD with non-smooth challenge isogenies[14]
  • SQIsign2D2: Improvement upon the SQIsign2D design.[15]

References

[edit]
  1. ^ a b c "SQIsign - Algorithm specifications and supporting documentation - Version 1.0" (PDF). Retrieved 2024-11-15.
  2. ^ "SQIsign - Algorithm specifications and supporting documentation - Version 1.0" (PDF). p. 4. Retrieved 2024-11-15.
  3. ^ a b Nakagawa, Kohei; Onuki, Hiroshi (2024). "SQIsign2D-East: A New Signature Scheme Using 2-dimensional Isogenies". Cryptology ePrint Archive. Retrieved 2024-11-17.
  4. ^ Westerbaan, Bas; Larisch, James; Ahmad, Suleman; Fayed, Marwan; Westerbaan, Bas; Valenta, Luke; Krivit, Alex (2021-11-08). "Sizing Up Post-Quantum Signatures". The Cloudflare Blog. Retrieved 2024-11-15.
  5. ^ Feo, Luca De; Kohel, David; Leroux, Antonin; Petit, Christophe; Wesolowski, Benjamin (2020). "SQISign: compact post-quantum signatures from quaternions and isogenies". Cryptology ePrint Archive. Retrieved 2024-11-18.
  6. ^ Nakagawa, Kohei; Onuki, Hiroshi (2024). "SQIsign2D-East: A New Signature Scheme Using 2-dimensional Isogenies". Cryptology ePrint Archive. Retrieved 2024-11-15.
  7. ^ Page, Aurel; Wesolowski, Benjamin (2023). "The supersingular Endomorphism Ring and One Endomorphism problems are equivalent". Cryptology ePrint Archive. arXiv:2309.10432. Retrieved 2024-11-15.
  8. ^ "THE SUPERSINGULAR ENDOMORPHISM RING PROBLEM GIVEN ONE ENDOMORPHISM" (PDF). Retrieved 2024-11-15.
  9. ^ Aardal, Marius A.; Basso, Andrea; Feo, Luca De; Patranabis, Sikhar; Wesolowski, Benjamin (2025). "A Complete Security Proof of SQIsign". Cryptology ePrint Archive. Retrieved May 16, 2025.
  10. ^ a b "SQIsign - Algorithm specifications and supporting documentation - Version 2.0" (PDF). Retrieved May 16, 2025.
  11. ^ "SQIsign". SQIsign. 2023-06-01. Retrieved 2024-11-17.
  12. ^ Dartois, Pierrick; Leroux, Antonin; Robert, Damien; Wesolowski, Benjamin (2023). "SQISignHD: New Dimensions in Cryptography". Cryptology ePrint Archive. Retrieved 2024-11-17.
  13. ^ Basso, Andrea; Feo, Luca De; Dartois, Pierrick; Leroux, Antonin; Maino, Luciano; Pope, Giacomo; Robert, Damien; Wesolowski, Benjamin (2024). "SQIsign2D-West: The Fast, the Small, and the Safer". Cryptology ePrint Archive. Retrieved 2024-11-17.
  14. ^ Duparc, Max; Fouotsa, Tako Boris (2024). "SQIPrime: A dimension 2 variant of SQISignHD with non-smooth challenge isogenies". Cryptology ePrint Archive. Retrieved 2024-11-17.
  15. ^ Xu, Zheng; Lin, Kaizhan; Zhao, Chang-An; Ouyang, Yi (2025). "SQIsign2D$^2$: New SQIsign2D Variant by Leveraging Power Smooth Isogenies in Dimension One". Cryptology ePrint Archive. Retrieved 2025-09-03.
  1. ^ specifically supersingular elliptic curves


Stub icon

This cryptography-related article is a stub. You can help Wikipedia by expanding it.

Retrieved from "https://en.wikipedia.org/w/index.php?title=SQIsign&oldid=1309308671"