| General | |
|---|---|
| Designers | Jorge Chavez-Saab, Maria Corte-Real Santos, Luca De Feo, Jonathan Komada Eriksen, Basil Hess, David Kohel, Antonin Leroux, Patrick Longa, Michael Meyer, Lorenz Panny, Sikhar Patranabis, Christophe Petit, Francisco Rodríguez Henríquez, Sina Schaeffler, Benjamin Wesolowski[1] |
| First published | 1 June 2023 |
| Cipher detail | |
| Key sizes | 64, 96 or 128 bytes depending on the NIST parameter set[2] |
| Structure | Supersingular isogeny graph |
| Best public cryptanalysis | |
| No known attacks. The SQIsign2D-East variant suffers from a specific vulnerability.[3] | |
SQIsign is a post-quantum signature scheme submitted to first round of the post-quantum standardisation process. It is based around a proof of knowledge of an elliptic curve[a] endomorphism that can be transformed to a signature scheme using the Fiat-Shamir transform.
It promises small key sizes between 64 and 128 bytes and small signature sizes between 177 and 335 bytes, which outperforms other post-quantum signature schemes that have a trade-off between signature and key sizes. SQIsign, however, has higher signing and verification times.[4] The original paper concluded that their C implementation takes 0.6s for key generation, 2.5s for a sign operation and 0.05s or 50ms for a verification operation.[5]
These times have been improved with new variations like SQIsign-east.[6]
The name stands for "Short Quaternion and Isogeny Signature" as it makes use of isogenies and quaternions.
east was invoked but never defined (see the help page).
Cite error: There are <ref group=lower-alpha> tags or {{efn}} templates on this page, but the references will not show without a {{reflist|group=lower-alpha}} template or {{notelist}} template (see the help page).