Falcon is a

post-quantum In cryptography, post-quantum cryptography (sometimes referred to as quantum-proof, quantum-safe or quantum-resistant) refers to cryptographic algorithms (usually public-key algorithms) that are thought to be secure against a cryptanalytic attack b ...

signature scheme A digital signature is a mathematical scheme for verifying the authenticity of digital messages or documents. A valid digital signature, where the prerequisites are satisfied, gives a recipient very high confidence that the message was created b ...

selected by the

NIST The National Institute of Standards and Technology (NIST) is an agency of the United States Department of Commerce whose mission is to promote American innovation and industrial competitiveness. NIST's activities are organized into physical sci ...

at the fourth round of the post-quantum standardisation process. It has been designed by Thomas Prest, Pierre-Alain Fouque,

Jeffrey Hoffstein Jeffrey Ezra Hoffstein (born September 28, 1953 in New York City) is an American mathematician, specializing in number theory, automorphic forms, and cryptography. Education and career Hoffstein graduated with a bachelor's degree in 1974 from Cor ...

, Paul Kirchner, Vadim Lyubashevsky, Thomas Pornin, Thomas Ricosset, Gregor Seiler, William Whyte and Zhenfei Zhang. It relies on the hash-and-sign technique over the

Gentry Gentry (from Old French ''genterie'', from ''gentil'', "high-born, noble") are "well-born, genteel and well-bred people" of high social class, especially in the past. Word similar to gentle imple and decentfamilies ''Gentry'', in its widest ...

, Peikert and Vaikuntanathan framework over

NTRU NTRU is an open-source public-key cryptosystem that uses lattice-based cryptography to encrypt and decrypt data. It consists of two algorithms: NTRUEncrypt, which is used for encryption, and NTRUSign, which is used for digital signatures. Unli ...

lattices. The name ''Falcon'' is an

acronym An acronym is a word or name formed from the initial components of a longer name or phrase. Acronyms are usually formed from the initial letters of words, as in ''NATO'' (''North Atlantic Treaty Organization''), but sometimes use syllables, as ...

for ''Fast Fourier lattice-based compact signatures over NTRU''.

Properties

The design rationale of Falcon takes advantage of multiple tools to ensure compactness and efficiency with provable security. To achieve this goal, the use of a NTRU lattice allows the size of the signatures and public-key to be relatively small, while Fast Fourier sampling permits efficient signature computations. From a security point of view, the Gentry, Peikert and Vaikuntanathan framework enjoys a security reduction in the Quantum

Random Oracle Model In cryptography, a random oracle is an oracle (a theoretical black box) that responds to every ''unique query'' with a (truly) random response chosen uniformly from its output domain. If a query is repeated, it responds the same way every time t ...

Implementations and Performances

The authors of Falcon provide a reference implementation in C as required by the NIST and one in Python for simplicity. The set of parameters suggested by Falcon imply signatures of size 666 bytes for the NIST security level 1 (security comparable to breaking AES-128 bits). The key generation can be performed in 8.64 ms with a throughput of approximatively 6,000 signature per second and 28,000 verifications per second. On the other hand, the NIST security level 5 (comparable to breaking AES-256) requires signature of 1,280 bytes, a key generation under 28 ms and a throughput of 2,900 signatures per second and 13,650 verifications per second.

References

:1. :2. :3. :4. :5. :6. :7. :8. {{crypto-stub Asymmetric-key algorithms Digital signature schemes Lattice-based cryptography

Properties

Implementations and Performances

See also

References