
Wave: A New Code-Based Signature Scheme

Abstract

We present here Wave, the first 'hash-and-sign' code-based signature scheme that strictly follows the GPV strategy [GPV08]. It uses the family of ternary generalized (U,U+V) codes. We prove that Wave achieves existential unforgeability under adaptive chosen message attacks (EUF-CMA) in the random oracle model (ROM), with a tight reduction to two assumptions from coding theory: one is a distinguishing problem related to the trapdoor we insert in our scheme; the other is DOOM, a multiple-target version of syndrome decoding. The algorithm produces uniformly distributed signatures through a suitable rejection sampling. Our scheme enjoys efficient signature and verification algorithms. For 128 bits of classical security, signatures are 88 thousand bits long and the public key size is slightly smaller than one megabyte. Furthermore, with our current choice of parameters, the rejection rate is limited to one rejection every 3 or 4 signatures.
