MTAT magistritööd – Master's theses
Permanent URI for this collection: https://hdl.handle.net/10062/30974
Browsing MTAT magistritööd – Master's theses by keyword "active security"
Item: Efficient Two-Party ML-DSA Protocol in Active Security Model
(Tartu Ülikool, 2025) Kravtšenko, Semjon; Laud, Peeter, supervisor; Krips, Toomas, supervisor; Tartu Ülikool. Loodus- ja täppisteaduste valdkond; Tartu Ülikool. Arvutiteaduse instituut
ML-DSA is a NIST standard that defines a signature scheme: a set of algorithms for creating and verifying digital signatures. Digital signatures can be used, for example, to authenticate to websites online and to sign documents. ML-DSA signatures, unlike signatures that follow so-called classical formats, are quantum-resistant: it is believed that forging ML-DSA signatures is inviable even with a cryptographically relevant quantum computer (that is not yet known to exist). The security of a signing scheme relies on the secrecy of the used private key material. One way to increase the security of a signing scheme is to distribute the secret material across multiple devices, such that a sufficient number of them need to cooperate to create a signature. One scheme that distributes the key across two devices is implemented in SplitKey® technology, which is used in the popular signing solution Smart-ID®. Unfortunately, a two-party scheme that could create standards-compliant quantum-resistant signatures does not exist. This thesis presents a novel two-party signing scheme capable of creating ML-DSA-compliant signatures — Duolithium. This scheme is resistant against potential active attacks by either party, both during the key generation and signing processes. The thesis proposes some parts of Duolithium that were invented as a part of this thesis research and documents the remaining parts with reliance on prior research. Additionally, this thesis presents a complete implementation of Duolithium in Python, tested for functionality, together with the results of the benchmarks of network overhead and computational performance.
The benchmark results suggest that Duolithium may be used to implement a new, quantum-resistant version of SplitKey that would be fully compatible with any signature verification component that supports ML-DSA.