Threshold Lattice-Based Signature Scheme for Authentication by Wearable Devices
Abstract
:1. Introduction
2. Preliminaries
- A set of keys S with the parameter , consisting of polynomials with small coefficients: , where ;
- A set C with parameter k consisting of binary and sparse polynomials: , where .
- 1.
- Knowledge of any t or more pieces makes D easily computable;
- 2.
- Knowledge of any or fewer pieces leaves D completely undetermined (in the sense that all its possible values are equally likely).
- Secret sharing.Let p is a prime number such that , the dealer builds a ring of polynomials on it and generates a polynomial of degree as follows:Let each user have their unique identifier , such that there are no two and such that ; the dealer sends each participant his share of the secret as the value of the previously generated polynomial at the point of his , calculated as follows:Thus, each participant eventually gets a pair , which is his part of the secret.
- Recovering a secret.In order to recover the secret, a group of t participants gathers together and calculates a polynomial using the Lagrange interpolation formula. Each user computes the Lagrange coefficient, using of each user, which is known by the following formula:Next, the polynomial is restored using the following formula:The resulting polynomial as a free term will contain a secret value D, i.e., the group of participants successfully obtains the secret data.
3. Threshold Lattice-Based Signature Scheme
- Parameter setting. Receives the security parameter , which defines the security level of the scheme, as input and returns the parameters [47].
- Key generation. Generates the commitment key , consisting of matrix , which is defined as follows:
- Commitment generation. Receives a value as input, randomly calculates , where , and returns the commitment :It is known from [47] that the commitment scheme has the binding property; that is, it is hard for a published commitment , obtained by the vector and the value x, to find the vector and the value for which since it reduces to solving the Ring-SIS problem, which is a hard problem. It is also proved in [47] that the commitment scheme has the hiding property since the distribution is close to uniform.
- Commitment opening. Receives a commitment, a value , and a random vector as input and checks that and the Equation (15) is being fulfilled.
- Key generation with a trapdoor. Generates the matrix according to (14) and randomly chooses a trapdoor, , which is equal to a matrix . Then, the commitment key is formed as follows , where is a gadget matrix, which is defined as follows:
- Commitment generation with a trapdoor. Randomly chooses a vector and outputs as a commitment.
- Equivocation algorithm. Uses the trapdoor and the Micciancio–Peikert algorithm [40] in order to generate a vector from a discrete Gaussian distribution on the coset of the lattice , which is defined as follows:
- Parameters setting. Having received the security parameter as input, the public parameters of the system are generated, namely, the rings of polynomials, the public matrix rank l and dimension k, the sets S and C, the parameters of distributions, the boundary B for the length of the signature vector, as well as random oracles , , and [46].
- Key generation. After initializing public parameters, keys are generated, consisting of two phases: matrix generation and key pair creation. All subsequent steps of the algorithm are performed by each user of the system, where and n is the total number of users.
- (a)
- Matrix generation
- i.
- A random matrix is calculated and a commitment is generated and sent to other users.
- ii.
- After receiving all for each , matrix is sent out for each one.
- iii.
- After obtaining all matrices for each , the equalities are checked. If at least one equality is not met, then an ABORT is sent, otherwise a public matrix is set, where .
- (b)
- Generation of a key pair
- i.
- A secret vector is randomly selected, and a part of the public key is calculated: . A commitment is generated and sent to other users.
- ii.
- After receiving all for each , the vector is sent to other users.
- iii.
- After obtaining all vectors for each , the equalities are checked. If at least one equality is not met, then an ABORT is sent, otherwise a public key is set.
If the protocol does not return ABORT, then each user, , gets .
- Secret sharing. To separate the secret, the Shamir secret sharing scheme is used [48]. The user has a unique own and knows the of other users. Then it performs the following actions:
- (a)
- Generates polynomials (; i is an index of ) of degree , where free terms are specified as entries of secret vector .
- (b)
- For each user , including himself, the user generates a vector consisting of polynomials generated in advance with values substituted in them, which is a vector , and sends this vector only to user .
- (c)
- After receiving all the vectors for each , user calculates his secret key share , with which he will then carry out the signature procedure.
As it can be seen, users, in this case, perform distributed secret sharing; that is, they get the share of a common secret without calculating the secret polynomial directly. This approach differs from the classical one when the dealer forms a secret polynomial and distributes shares of the secret to users. - Signature generation. For signing message t users are selected. Let the users be selected. Each receives a unique session ID () and a message that needs to be signed. The user checks that the has not been used before and calculates locally the key for the commitment scheme . A new random oracle function is also used for the signature procedure . Next, the user performs the following actions.
- (a)
- Randomly selects a vector and calculates .
- (b)
- Calculates the commitment , where , and sends it to all other users.
- (c)
- After receiving all calculates .
- (d)
- Next, the user calculates the Lagrange coefficient
- (e)
- Then receives the challenge and calculates the partial signature . For the next step user also computes vector .
- (f)
- For the received value , the user checks that ; if the condition is not met, then the user sends out RESTART. If the condition is met, then the user with the probability
- (g)
- After obtaining all for each , the partial signature is sent to other users.
- (h)
- After receiving all the partial signatures , checks that , and if all conditions are met, calculates the values and . Then, calculates , checks that and . If errors occur, then send ABORT.
If the protocol is not interrupted, the signature will be received at the end of the protocol. - Signature verification. Having received the message , signature and public key , the commitment key is generated , and the challenge is calculated and restored . The signature is accepted if , and .
4. Security
- Split the incoming value x into ;
- If then set ;
- Return .
- The commitment is calculated and sent to other users.
- After receiving all for each , the message signature is calculated as follows:
- (a)
- is set.
- (b)
- Challenge is calculated.
- (c)
- is generated randomly and sent to other users.
- (d)
- After receiving all for each , the following actions are performed:
- i.
- The table is searched for values according to the obtained .
- ii.
- Then vector is generated and the Lagrange coefficients are calculated.
- iii.
- The vector is calculated, and then the vector of partial signature is obtained.
- iv.
- Next, the vector is calculated and with the trapdoor , and the value of randomness is obtained.
- v.
- The value of is obtained, using the property of homomorphism by addition of the commitment function.
- vi.
- If , then signature generation fails, otherwise is set, and a partial signature is sent with probability . Otherwise, RESTART is sent, and the algorithm returns to step 1.
- After receiving all partial signatures for each , the final signature of the message is formed:
- (a)
- It is checked that . If all the equalities are met, then the values and are calculated.
- (b)
- Next, the value is calculated and it is checked that and . If one of the checks fails, an ABORT is sent.
- If , where is the set of messages for which the adversary requested a signature from , then the algorithm returns ⊥.
- Next, calculates and .
- If or , then returns ⊥.
- If , that is, there was a request to generate a commitment key and a trapdoor for the message , then also returns ⊥.
- If the signature successfully passes checks 1–4, then algorithm returns.
5. Discussion
6. Conclusions
Author Contributions
Funding
Data Availability Statement
Conflicts of Interest
References
- Ometov, A.; Bezzateev, S.; Mäkitalo, N.; Andreev, S.; Mikkonen, T.; Koucheryavy, Y. Multi-Factor Authentication: A Survey. Cryptography 2018, 2, 1. [Google Scholar] [CrossRef] [Green Version]
- Rao, V.; Prema, K. A review on lightweight cryptography for Internet-of-Things based applications. J. Ambient Intell. Humaniz. Comput. 2021, 12, 8835–8857. [Google Scholar] [CrossRef]
- McKay, K.; Bassham, L.; Sönmez Turan, M.; Mouha, N. Report on Lightweight Cryptography; NIST Interagency/Internal Report (NISTIR); National Institute of Standards and Technology: Gaithersburg, MD, USA, 2017. [Google Scholar]
- Ometov, A.; Masek, P.; Malina, L.; Florea, R.; Hosek, J.; Andreev, S.; Hajny, J.; Niutanen, J.; Koucheryavy, Y. Feasibility characterization of cryptographic primitives for constrained (wearable) IoT devices. In Proceedings of the 2016 IEEE International Conference on Pervasive Computing and Communication Workshops (PerCom Workshops), Sydney, Australia, 14–18 March 2016; pp. 1–6. [Google Scholar]
- Coelho, K.; Damião, D.; Noubir, G.; Borges, A.; Nogueira, M.; Nacif, J. Cryptographic algorithms in wearable communications: An empirical analysis. IEEE Commun. Lett. 2019, 23, 1931–1934. [Google Scholar] [CrossRef]
- Perumal, P.; Subha, S. An analysis of a secure communication for healthcare system using wearable devices based on elliptic curve cryptography. World Rev. Sci. Technol. Sustain. Dev. 2022, 18, 51–58. [Google Scholar] [CrossRef]
- Hernández-Álvarez, L.; Bullón Pérez, J.J.; Batista, F.K.; Queiruga-Dios, A. Security Threats and Cryptographic Protocols for Medical Wearables. Mathematics 2022, 10, 886. [Google Scholar] [CrossRef]
- Sowjanya, K.; Dasgupta, M.; Ray, S. An elliptic curve cryptography based enhanced anonymous authentication protocol for wearable health monitoring systems. Int. J. Inf. Secur. 2020, 19, 129–146. [Google Scholar] [CrossRef]
- Shor, P.W. Algorithms for quantum computation: Discrete logarithms and factoring. In Proceedings of the 35th Annual Symposium on Foundations of Computer Science, Santa Fe, NM, USA, 20–22 November 1994; pp. 124–134. [Google Scholar]
- McEliece, R.J. A public-key cryptosystem based on algebraic. Coding Thv. 1978, 4244, 114–116. [Google Scholar]
- Alabbadi, M.; Wicker, S.B. Digital signature schemes based on error-correcting codes. In Proceedings of the IEEE International Symposium on Information Theory, San Antonio, TX, USA, 17–22 January 1993; p. 199. [Google Scholar]
- Xinmei, W. Digital signature scheme based on error-correcting codes. Electron. Lett. 1990, 26, 898–899. [Google Scholar] [CrossRef]
- Harn, L.; Wang, D. Cryptanalysis and modification of digital signature scheme based on error-correcting code. Electron. Lett. 1992, 2, 157–159. [Google Scholar]
- Courtois, N.T.; Finiasz, M.; Sendrier, N. How to achieve a McEliece-based digital signature scheme. In Advances in Cryptology—ASIACRYPT 2001, Proceedings of the 7th International Conference on the Theory and Application of Cryptology and Information Security Gold Coast, Australia, 9–13 December 2001; Proceedings 7; Springer: Berlin/Heidelberg, Germany, 2001; pp. 157–174. [Google Scholar]
- Rostovtsev, A.; Makhovenko, E. Cryptosysten based on category of isogenious elliptic curves. Inf. Secur. Probl. Comput. Syst. 2002, 2006/145, 74. [Google Scholar]
- Beullens, W.; Kleinjung, T.; Vercauteren, F. CSI-FiSh: Efficient isogeny based signatures through class group computations. In Advances in Cryptology—ASIACRYPT 2019, Proceedings of the 25th International Conference on the Theory and Application of Cryptology and Information Security, Kobe, Japan, 8–12 December 2019; Proceedings, Part I; Springer: Berlin/Heidelberg, Germany, 2019; pp. 227–247. [Google Scholar]
- Dartois, P.; Leroux, A.; Robert, D.; Wesolowski, B. SQISignHD: New Dimensions in Cryptography. Cryptol. Eprint Arch. 2023, 2023, 436. [Google Scholar]
- De Feo, L.; Meyer, M. Threshold schemes from isogeny assumptions. In Public-Key Cryptography–PKC 2020, Proceedings of the 23rd IACR International Conference on Practice and Theory of Public-Key Cryptography, Edinburgh, UK, 4–7 May 2020; Proceedings, Part II 23; Springer: Berlin/Heidelberg, Germany, 2020; pp. 187–212. [Google Scholar]
- Davydov, V.; Khutsaeva, A.; Ioganson, I.; Dakuo, Z.M.; Bezzateev, S. Improved threshold signature scheme CSI-FiSh with fast secret recovery. Her. Sib. State Univ. Telecommun. Inf. Sci. 2023, 17, 76–91. [Google Scholar] [CrossRef]
- Lamport, L. Constructing Digital Signatures from a One Way Function; Computer Science Laboratory, SRI International: Menlo Park, CA, USA, 1979. [Google Scholar]
- Merkle, R.C. Secrecy, Authentication, and Public Key Systems; Stanford University: Stanford, CA, USA, 1979. [Google Scholar]
- Bernstein, D.J.; Hülsing, A.; Kölbl, S.; Niederhagen, R.; Rijneveld, J.; Schwabe, P. The SPHINCS+ signature framework. In Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, London, UK, 11–15 November 2019; pp. 2129–2146. [Google Scholar]
- Matsumoto, T.; Imai, H. Public quadratic polynomial-tuples for efficient signature-verification and message-encryption. In Advances in Cryptology—EUROCRYPT’88, Proceedings of the Workshop on the Theory and Application of Cryptographic Techniques Davos, Switzerland, 25–27 May 1988; Proceedings 7; Springer: Berlin/Heidelberg, Germany, 1988; pp. 419–453. [Google Scholar]
- Patarin, J. Cryptanalysis of the Matsumoto and Imai public key scheme of Eurocrypt’88. In Advances in Cryptology—CRYPT0’95, Proceedings of the 15th Annual International Cryptology Conference Santa Barbara, CA, USA, 27–31 August 1995; Proceedings 15; Springer: Berlin/Heidelberg, Germany, 1995; pp. 248–261. [Google Scholar]
- Ding, J.; Schmidt, D. Rainbow, a new multivariable polynomial signature scheme. Proc. ACNS 2005, 5, 164–175. [Google Scholar]
- Wang, S.; Ma, R.; Zhang, Y.; Wang, X. Ring signature scheme based on multivariate public key cryptosystems. Comput. Math. Appl. 2011, 62, 3973–3979. [Google Scholar] [CrossRef] [Green Version]
- Petzoldt, A.; Bulygin, S.; Buchmann, J. A multivariate based threshold ring signature scheme. Appl. Algebra Eng. Commun. Comput. 2013, 24, 255–275. [Google Scholar] [CrossRef] [Green Version]
- Ajtai, M.; Dwork, C. A public-key cryptosystem with worst-case/average-case equivalence. In Proceedings of the Twenty-Ninth Annual ACM Symposium on Theory of Computing, El Paso, TX, USA, 4–6 May 1997; pp. 284–293. [Google Scholar]
- Goldreich, O.; Goldwasser, S.; Halevi, S. Public-key cryptosystems from lattice reduction problems. In Advances in Cryptology—CRYPTO’97, Proceedings of the 17th Annual International Cryptology Conference Santa Barbara, CA, USA, 17–21 August 1997; Proceedings 17; Springer: Berlin/Heidelberg, Germany, 1997; pp. 112–131. [Google Scholar]
- Fouque, P.A.; Hoffstein, J.; Kirchner, P.; Lyubashevsky, V.; Pornin, T.; Prest, T.; Ricosset, T.; Seiler, G.; Whyte, W.; Zhang, Z.; et al. Falcon: Fast-Fourier lattice-based compact signatures over NTRU. Submiss. NIST’s Post-Quantum Cryptogr. Stand. Process 2018, 36. [Google Scholar]
- Ducas, L.; Kiltz, E.; Lepoint, T.; Lyubashevsky, V.; Schwabe, P.; Seiler, G.; Stehlé, D. Crystals-dilithium: A lattice-based digital signature scheme. IACR Trans. Cryptogr. Hardw. Embed. Syst. 2018, 2018, 238–268. [Google Scholar] [CrossRef]
- Cayrel, P.L.; Lindner, R.; Rückert, M.; Silva, R. A lattice-based threshold ring signature scheme. In Progress in Cryptology–LATINCRYPT 2010, Proceedings of the First International Conference on Cryptology and Information Security in Latin America, Puebla, Mexico, 8–11 August 2010; proceedings 1; Springer: Berlin/Heidelberg, Germany, 2010; pp. 255–272. [Google Scholar]
- Bettaieb, S.; Schrek, J. Improved lattice-based threshold ring signature scheme. In Post-Quantum Cryptography, Proceedings of the 5th International Workshop, PQCrypto 2013, Limoges, France, 4–7 June 2013, Proceedings 5; Springer: Berlin/Heidelberg, Germany, 2013; pp. 34–51. [Google Scholar]
- Feng, T.; Gao, Y.; Ma, J. Changeable threshold signature scheme based on lattice theory. In Proceedings of the 2010 International Conference on E-Business and E-Government, Guangzhou, China, 7–9 May 2010; pp. 1311–1315. [Google Scholar]
- Hoffstein, J.; Howgrave-Graham, N.; Pipher, J.; Silverman, J.H.; Whyte, W. NTRUSIGN: Digital signatures using the NTRU lattice. In Topics in Cryptology—CT-RSA 2003, Proceedings of The Cryptographers’ Track at the RSA Conference 2003, San Francisco, CA, USA, 13–17 April 2003; Springer: Berlin/Heidelberg, Germany, 2003; pp. 122–140. [Google Scholar]
- Wang, K.; Xu, Q.; Zhang, G. A secure threshold signature scheme from lattices. In Proceedings of the 2013 Ninth International Conference on Computational Intelligence and Security, Emei Mountain, China, 14–15 December 2013; pp. 469–473. [Google Scholar]
- Choi, R.; Kim, K. Lattice-based threshold signature with message block sharing. In Proceedings of the 31st Symposium on Cryptography and Information Security, Kagoshima, Japan, 21–24 January 2014; pp. 1–7. [Google Scholar]
- Pilaram, H.; Eghlidos, T.; Toluee, R. An efficient lattice-based threshold signature scheme using multi-stage secret sharing. IET Inf. Secur. 2021, 15, 98–106. [Google Scholar] [CrossRef]
- Pilaram, H.; Eghlidos, T. An efficient lattice based multi-stage secret sharing scheme. IEEE Trans. Dependable Secur. Comput. 2015, 14, 2–8. [Google Scholar] [CrossRef]
- Micciancio, D.; Peikert, C. Trapdoors for Lattices: Simpler, Tighter, Faster, Smaller. Eurocrypt 2012, 7237, 700–718. [Google Scholar]
- Agrawal, S.; Kirshanova, E.; Stehlé, D.; Yadav, A. Practical, round-optimal lattice-based blind signatures. In Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security, Los Angeles, CA, USA, 7–11 November 2022; pp. 39–53. [Google Scholar]
- Boneh, D.; Gennaro, R.; Goldfeder, S.; Jain, A.; Kim, S.; Rasmussen, P.M.; Sahai, A. Threshold cryptosystems from threshold fully homomorphic encryption. In Advances in Cryptology–CRYPTO 2018, Proceedings of the 38th Annual International Cryptology Conference, Santa Barbara, CA, USA, 19–23 August 2018; Proceedings, Part I 38; Springer: Berlin/Heidelberg, Germany, 2018; pp. 565–596. [Google Scholar]
- Lyubashevsky, V. Fiat-Shamir with aborts: Applications to lattice and factoring-based signatures. In Advances in Cryptology–ASIACRYPT 2009, Proceedings of the 15th International Conference on the Theory and Application of Cryptology and Information Security, Tokyo, Japan, 6–10 December 2009; Proceedings 15; Springer: Berlin/Heidelberg, Germany, 2009; pp. 598–616. [Google Scholar]
- Lyubashevsky, V. Lattice signatures without trapdoors. In Advances in Cryptology—EUROCRYPT 2012, Proceedings of the 31st Annual International Conference on the Theory and Applications of Cryptographic Techniques, Cambridge, UK, 15–19 April 2012; Proceedings 31; Springer: Berlin/Heidelberg, Germany, 2012; pp. 738–755. [Google Scholar]
- Schnorr, C.P. Efficient signature generation by smart cards. J. Cryptol. 1991, 4, 161–174. [Google Scholar] [CrossRef] [Green Version]
- Damgård, I.; Orlandi, C.; Takahashi, A.; Tibouchi, M. Two-round n-out-of-n and multi-signatures and trapdoor commitment from lattices. J. Cryptol. 2022, 35, 14. [Google Scholar] [CrossRef]
- Baum, C.; Damgård, I.; Lyubashevsky, V.; Oechsner, S.; Peikert, C. More efficient commitments from structured lattice assumptions. In Security and Cryptography for Networks, Proceedings of the 11th International Conference, SCN 2018, Amalfi, Italy, 5–7 September 2018; Springer: Berlin/Heidelberg, Germany, 2018; pp. 368–385. [Google Scholar]
- Shamir, A. How to share a secret. Commun. ACM 1979, 22, 612–613. [Google Scholar] [CrossRef]
- Bezzateev, S.; Davydov, V.; Ometov, A. On Secret Sharing with Newton’s Polynomial for Multi-Factor Authentication. Cryptography 2020, 4, 34. [Google Scholar] [CrossRef]
- Micciancio, D.; Regev, O. Lattice-based Cryptography. In Post-Quantum Cryptography; Bernstein, D.J., Buchmann, J., Dahmen, E., Eds.; Springer: Berlin/Heidelberg, Germany, 2009; pp. 147–191. [Google Scholar] [CrossRef] [Green Version]
- Sphere Packings, Lattices and Groups; Springer Science & Business Media: Berlin/Heidelberg, Germany, 2013; Volume 290.
- Ajtai, M. Generating hard instances of lattice problems. In Proceedings of the Twenty-Eighth Annual ACM Symposium on Theory of Computing, Philadelphia, PA, USA, 22–24 May 1996; pp. 99–108. [Google Scholar]
- Goldreich, O.; Micciancio, D.; Safra, S.; Seifert, J.P. Approximating shortest lattice vectors is not harder than approximating closest lattice vectors. Inf. Process. Lett. 1999, 71, 55–61. [Google Scholar] [CrossRef]
- Ajtai, M. The shortest vector problem in L2 is NP-hard for randomized reductions. In Proceedings of the Thirtieth Annual ACM Symposium on Theory of Computing, Dallas, TX, USA, 23–26 May 1998; pp. 10–19. [Google Scholar]
- Regev, O. On lattices, learning with errors, random linear codes, and cryptography. J. ACM (JACM) 2009, 56, 1–40. [Google Scholar] [CrossRef]
- Brakerski, Z.; Gentry, C.; Vaikuntanathan, V. (Leveled) fully homomorphic encryption without bootstrapping. ACM Trans. Comput. Theory (TOCT) 2014, 6, 1–36. [Google Scholar] [CrossRef] [Green Version]
- Langlois, A.; Stehlé, D. Worst-case to average-case reductions for module lattices. Des. Codes Cryptogr. 2015, 75, 565–599. [Google Scholar] [CrossRef]
- Gentry, C.; Peikert, C.; Vaikuntanathan, V. Trapdoors for hard lattices and new cryptographic constructions. In Proceedings of the Fortieth Annual ACM Symposium on Theory of Computing, Victoria, BC, Canada, 17–20 May 2008; pp. 197–206. [Google Scholar]
- Lyubashevsky, V.; Peikert, C.; Regev, O. On ideal lattices and learning with errors over rings. J. ACM (JACM) 2013, 60, 1–35. [Google Scholar] [CrossRef]
- Pointcheval, D.; Stern, J. Security arguments for digital signatures and blind signatures. J. Cryptol. 2000, 13, 361–396. [Google Scholar] [CrossRef]
- Ducas, L.; Lepoint, T.; Lyubashevsky, V.; Schwabe, P.; Seiler, G.; Stehle, D. CRYSTALS—Dilithium: Digital Signatures from Module Lattices. Cryptology ePrint Archive, Paper 2017/633. 2017. Available online: https://eprint.iacr.org/2017/633 (accessed on 15 January 2023).
- Pettit, M. Efficient threshold-optimal ECDSA. In Cryptology and Network Security, Proceedings of the 20th International Conference, CANS 2021, Vienna, Austria, 13–15 December 2021; Springer: Berlin/Heidelberg, Germany, 2021; pp. 116–135. [Google Scholar]
Security Level | Algorithm | Execution Time, ms |
---|---|---|
2 | Key generation | 22.1 |
Secret sharing | 1.1 | |
Signature generation | 20.4 | |
Signature verification | 2.7 | |
3 | Key generation | 27.8 |
Secret sharing | 1.5 | |
Signature generation | 26.5 | |
Signature verification | 2.8 | |
5 | Key generation | 37.9 |
Secret sharing | 1.8 | |
Signature generation | 37.8 | |
Signature verification | 4.0 |
Parameter | Actual Size of Proposed Scheme, Bytes | Actual Size of tECDSA Scheme, Bytes |
---|---|---|
Partial signature size | 7360 | 64 |
Signature size | 11,775 | 64 |
Secret data size | 13,247 | 32 |
Size of transmitted data by signature generation |
Disclaimer/Publisher’s Note: The statements, opinions and data contained in all publications are solely those of the individual author(s) and contributor(s) and not of MDPI and/or the editor(s). MDPI and/or the editor(s) disclaim responsibility for any injury to people or property resulting from any ideas, methods, instructions or products referred to in the content. |
© 2023 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).
Share and Cite
Leevik, A.; Davydov, V.; Bezzateev, S. Threshold Lattice-Based Signature Scheme for Authentication by Wearable Devices. Cryptography 2023, 7, 33. https://doi.org/10.3390/cryptography7030033
Leevik A, Davydov V, Bezzateev S. Threshold Lattice-Based Signature Scheme for Authentication by Wearable Devices. Cryptography. 2023; 7(3):33. https://doi.org/10.3390/cryptography7030033
Chicago/Turabian StyleLeevik, Anton, Vadim Davydov, and Sergey Bezzateev. 2023. "Threshold Lattice-Based Signature Scheme for Authentication by Wearable Devices" Cryptography 7, no. 3: 33. https://doi.org/10.3390/cryptography7030033
APA StyleLeevik, A., Davydov, V., & Bezzateev, S. (2023). Threshold Lattice-Based Signature Scheme for Authentication by Wearable Devices. Cryptography, 7(3), 33. https://doi.org/10.3390/cryptography7030033