Lattice-based Threshold Signature Optimization for RAM Constrained Devices

Kód výsledku v IS VaVaI

<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216305%3A26220%2F24%3APU151674" target="_blank" >RIV/00216305:26220/24:PU151674 - isvavai.cz</a>

Výsledek na webu

<a href="https://www.eeict.cz/eeict_download/archiv/sborniky/EEICT_2023_sbornik_1.pdf" target="_blank" >https://www.eeict.cz/eeict_download/archiv/sborniky/EEICT_2023_sbornik_1.pdf</a>

DOI - Digital Object Identifier

—

Jazyk výsledku

angličtina

Název v původním jazyce

Lattice-based Threshold Signature Optimization for RAM Constrained Devices

Popis výsledku v původním jazyce

The DS2 scheme is a lattice-based (n, n)-threshold signature based on the standardized Dilithium signature. However, deploying DS2, as well as Dilithium, on microcontrollers is a challenge due to the memory limitations of these devices. While the decryption phase can be implemented relatively straightforwardly, the key generation and signing phases require the generation and manipulation of large matrices and vectors, which can quickly exhaust the available memory on the microcontroller. In this paper, we propose an optimization of the DS2 key generation and signing algorithms tailored for microcontrollers. Our approach focuses on minimizing memory consumption by generating large elements, such as the commitment key ck and the random commitment parameter r, on the fly from random and non-random seeds. This approach significantly reduces the overall size of the signature from 143 KB to less than 5 KB, depending on the number of signers involved. We also split the algorithms into two distinct components: a security-critical part and a non-security-critical part. The security-critical part contains operations that require secret knowledge and must be run on the microcontroller itself. Conversely, the non-critical part contains operations that do not require secret knowledge and can be performed on a connected, more powerful central host.

Název v anglickém jazyce

Lattice-based Threshold Signature Optimization for RAM Constrained Devices

Popis výsledku anglicky

The DS2 scheme is a lattice-based (n, n)-threshold signature based on the standardized Dilithium signature. However, deploying DS2, as well as Dilithium, on microcontrollers is a challenge due to the memory limitations of these devices. While the decryption phase can be implemented relatively straightforwardly, the key generation and signing phases require the generation and manipulation of large matrices and vectors, which can quickly exhaust the available memory on the microcontroller. In this paper, we propose an optimization of the DS2 key generation and signing algorithms tailored for microcontrollers. Our approach focuses on minimizing memory consumption by generating large elements, such as the commitment key ck and the random commitment parameter r, on the fly from random and non-random seeds. This approach significantly reduces the overall size of the signature from 143 KB to less than 5 KB, depending on the number of signers involved. We also split the algorithms into two distinct components: a security-critical part and a non-security-critical part. The security-critical part contains operations that require secret knowledge and must be run on the microcontroller itself. Conversely, the non-critical part contains operations that do not require secret knowledge and can be performed on a connected, more powerful central host.

Druh

D - Stať ve sborníku

CEP obor

—

OECD FORD obor

20203 - Telecommunications

Projekt

—

Návaznosti

S - Specificky vyzkum na vysokych skolach

Rok uplatnění

2024

Kód důvěrnosti údajů

S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Název statě ve sborníku

Proceedings I of the 30 th Conference STUDENT EEICT 2024: General papers

ISBN

978-80-214-6231-1

ISSN

—

e-ISSN

—

Počet stran výsledku

4

Strana od-do

147-150

Název nakladatele

Brno University of Technology, Faculty of Electrical Engineering and Communication

Místo vydání

Brno

Místo konání akce

Brno

Datum konání akce

23. 4. 2024

Typ akce podle státní příslušnosti

WRD - Celosvětová akce

Kód UT WoS článku

—