密码学 - 奇妙的FN-DSA
- billatnapier
- 发布于 7小时前
- 阅读 43
本文介绍了FN-DSA(FIPS 206)这一新的数字签名标准,它使用快速傅里叶变换(FFT)优化了晶格结构中的变换过程,从而在后量子密码学(PQC)中实现了比ML-DSA更小、更高效的签名。文章提供了JavaScript代码示例和性能对比,展示了FN-DSA在密钥大小和签名大小方面的优势,并建议在区块链等应用中考虑使用。
奇妙的 FN-DSA
作为通信专业的学生,我接触到了快速傅里叶变换(FFT),并深深地爱上了它,因为它能简化通信系统。它确实是工程和计算机科学领域最伟大的发现之一。因此,FALCON 后量子密码学(PQC)方法在其 lattice 基础设施中使用了它来进行变换,我相信它是生成量子鲁棒数字签名的最佳方法之一。现在,新标准被称为 FN-DSA (FIPS 206),它提供了比 ML-DSA (FIPS 204) 更小的签名,同时仍然快速且高效。
新的 FIPS 206 标准在签名中添加了上下文,并具有两个安全级别(FN-DSA-512 和 FN-DSA-1024):
这是 JavaScript 代码 [ 此处]:
<script type="module">
import * as fn_DSA from '/fndsa.js';
(async function () {
let key, n = 128, sig;
const privateKey = document.getElementById("privateKey");
const publicKey = document.getElementById("publicKey");
const signTx = document.getElementById("sign");
const verifyTx = document.getElementById("verify");
function buf2hex(buffer) { // buffer 是一个 ArrayBuffer
return [...new Uint8Array(buffer)]
.map(x => x.toString(16).padStart(2, '0'))
.join('');
}
async function signData(privateKey, publicKey, data) {
let ctx = 'Some context'; // 一些上下文
let id = fn_DSA.ID_RAW;
let sig = fn_DSA.sign(privateKey, ctx, id, data);
signTx.innerHTML = 'Size: ' + sig.length + ' bytes\n'; // 大小:字节
signTx.innerHTML += "Signature: " + buf2hex(sig); // 签名:
let rtn = fn_DSA.verify(sig, publicKey, ctx, id, data);
if (rtn) {
verifyTx.innerText = "Signature verified"; // 签名已验证
} else {
verifyTx.innerText = "Signature failed"; // 签名失败
}
}
async function genKey() {
var degree= document.getElementById("method").value;
key = await fn_DSA.keygen(parseInt(degree));
privateKey.innerText += 'Size: ' + key.sign_key.length + ' bytes\n'; // 大小:字节
privateKey.innerText += buf2hex(key.sign_key);
publicKey.innerText = 'Size: ' + key.verify_key.length + ' bytes\n'; // 大小:字节
publicKey.innerText += buf2hex(key.verify_key);
}
async function update() {
signData(key.sign_key, key.verify_key, document.getElementById("message").value);
}
document.getElementById("message").value = "Hello 1234";
await genKey();
await update();
document.getElementById("genkey").addEventListener("click", genKey);
document.getElementById("genkey").addEventListener("click", update);
document.getElementById("message").addEventListener("input", update);
document.getElementById("method").addEventListener("click", genKey);
document.getElementById("method").addEventListener("click", update);
document.getElementById("message").focus();
}) ();
</script>总的来说,使用签名密钥(私钥)进行签名,并使用验证密钥(公钥)进行验证:
这是一个演示:
Bill Buchanan OBE
•直播
•
FN-DSA 是一种很棒的签名方法,并且具有比 ML-DSA 更小的密钥大小和签名。对于 ECDSA、RSA、Ed25519 和 Ed448,我们有:
Method Public key size (B) Private key size (B) Signature size (B) Security level // 方法 公钥大小(B) 私钥大小(B) 签名大小(B) 安全等级
------------------------------------------------------------------------------------------------------
Ed25519 32 32 64 1 (128-bit) EdDSA
Ed448 57 57 112 3 (192-bit) EdDSA
ECDSA 64 32 48 1 (128-bit) ECDSA
RSA-2048 256 256 256 1 (128-bit) RSA对于 Falcon (FN-DSA) 和 Dilithium (ML-DSA),我们有:
Method Public key size Private key size Signature size Security level // 方法 公钥大小 私钥大小 签名大小 安全等级
------------------------------------------------------------------------------------------------------
Crystals Dilithium 2 (Lattice) 1,312 2,528 2,420 1 (128-bit) Lattice
Crystals Dilithium 3 1,952 4,000 3,293 3 (192-bit) Lattice
Crystals Dilithium 5 2,592 4,864 4,595 5 (256-bit) Lattice
Falcon 512 (Lattice) 897 1,281 690 1 (128-bit) Lattice
Falcon 1024 1,793 2,305 1,330 5 (256-bit) LatticeFalcon-512 (n=9) 的示例运行 [ 此处]:
Size: 666 bytes // 大小:666 字节
Signature: 39e8813b95e5e1ddcd058ed54775f70369b6eb2bddc5dc1c2ac6125fb5dd324d61eda03481fd3947ab8e28ab23b9f2ea7c3ac9ac38d9869b5a91463dd875b5ba49a4e621e0611965dd46a8df5aa23c2151ca3146c5490b75b64172aca7f0cdda78f6a05ae4ae7cefa3cf4e6905a9a0aad58dfac1b4af344d6f646aa4d7d902c33f7be78992466dda7c22abf3e170e7e3b2b451ffce34ddd43a7cad6e724f9f29aff413f318c77f366fd624c8da959366c7e87810f9dda9c5e4e53c9adb9d2d893371670781e74fb8fd690c3237124354fcfb40ca7731b44d77466b89f8d5f2b07f843dd261f734cc92a4e8bde9312bea7509df87dd1290f4973f1227f4fc2e8852fadf942ba67e3da9d22728cb90afc1b0497931b5db611ba6ed8387c214fa6dbbf4d125716b3af289139a5dfb0d5f80bdbb8d6b1a9ef263f42e97497263b6ae20efb95a98c931ba92a73e9e9555a7ac45fe0488c514f509beb76b12885cbba1a78d5da1700776d247e5eaf340969b5363b2bf3ef31518c835b16f36052fa62175ec52beca2a85214fdc4fb9fb1d12b31b18b4a0e84c29c90ddf4ef474240b99ad41bbcaec70b4b54b15008c58347874d4c22199bf7ca75fecfd779cb96da9ae82dfba35b8f787b393e9c7d7791c290ea2fc930802e57bede448f713b0f053594d616de7411df9fe50a4b1efafc995bcd7182bc1ed6237cc4277367050c62e7859e3a23e667bfa96af28800f1c8db1d140aadf6af56bad0f3107ff2e73306407edeaecd7a0d8f57ac4e64e19dfe496f506a08cbc8f024e95d6e1b866968b66cead6e4f978143e6eaa209cf0c47f5244cf7ed4fee09df4b925de441fbef61515b0f7384c5b2725faa9e8e20f13c3b84b2a1a6a38bbdd45fd1c73346b3d5b10612bff05988763ebba35be697f34700000000000000000000000000
Verify // 验证
Signature verified // 签名已验证
Generated keys // 生成的密钥
Public Key // 公钥
Size: 897 bytes // 大小:897 字节
09566cfd395e2a075d5418891213b611bd7ea39a089c37c5597729db5029ed23286f153f9f383f544a9bf2ad680193808afe76256e60749ef9b302f9384fec221d592a887e921410b6eba71e112f70049a5738d007a3a2cff8f1a3203845f0e7a50dee24bd9b8323698c61cc8304bc90827d1e54d81052df4d940b88c427cf3d4ea6503eae7057655f562ddc4bbb39cd437555931a7453f125add7ac5e0107af820a8de12a796dc14b08f02044f10fa6701cdc9bfede2f2f59ce111e471f1b98cef53b4ca581a959362f8b3288901dda9216973efe174a3adad63e20289b5e8a247ae6fc232286288e9e82508904eb748e83e802a98668dce0c265e313b7b9704007aad26080cb8564ece979f6749a726ffa7cbad069311c3c405653a3b9274a476224eaf5a0e50a3a3fc8356ef0b4024fbb7ca873459e1d25e1016b020e1e5452c32b16be36e31ec9e43f52be41d9865a72ea4e35706ba1a922a2e35d53d7b3c5dff7a8ec059434ab2974056b32342ba3ad6206b0a503330d9343138ab8984f01e09b6937ea1fab1456e0070aec443944e0c6682e4e3781c09bb1ac2a92967ce78470db288569a096d1e36d37ed2c04d4cb210628e2242102ce5300287938c61f17d9987489a7ab83f110931d669666a2227506978e1352aac437a4d8ac2df7955482dd53cc56641f08ff0634c3fb01dfcf39266468bc103a88f963441e6e18b87e9b07b2c2137785fcd16cd4de184c105b4ac27d41d9c7551358380c0684b885da62a90209b808085d5ebc34d49a248159508403c8c4de49bae675e0473318e125b081a454b52af57442904f613550696c5802a53d82875d29d4496eb73039437363aaab0a0aa850001aa5914dcbda664d36a10608728d2ab4e252217086843889552bf93e31f7c5aeeedbb2b40bca9583d0bdf12d0707c2e93be154a3e3130d7346e62ba98b6c2d49c3eb5b4997120e3041dd83fd66843841e0c693391df417680ec70e543f6200d3652d0efaf2680d011fa01b15fe231725a48d577b19638b7aa005f0446b564c42d45c56bb2256fbfa786698712c2b74366d360220429afc8e591b79bb2594c80738999dba4bd884664e68324b122a214296ba74977134565644d510d4bfde4315d39078171a66fbcc54f04e66dc4ba16e29090dbd4842ccfcac81d55606606a1cc4fbb69eeb54938614355aa4b40c2eb244b2ab4e72444cd6820aad5208a6c7bcc769acb45a5917d12117ed91f299926b6d1cab8704aab1
Private Key // 私钥
Size: 1281 bytes // 大小:1281 字节
59104fbd104f421c3f7c181e00e4103d20217503f102e83ec11bd0bcf0404707c00407d0c603df79081f7e1c8f080800faf3d0800be042f7cec60c20beec7f8707ae43f8203d1841c1f891c4142f7f03efff0fef4007dfff0c5ff6e43f4503f000e7a0c30071020ff07effbefef3e0c90850bfe3dfc7f3e04103e1c5f83ebef42e3c08004210403afc3001efce3f0ff03f0b907debf043efb13c0fa0fffc00be2021470c20fef4117dec2dbe0bdffd003085f84dfa1c0e82e3b13afbd037042ffb03a0c7e3d07df41f3f045efeeb9efff3b17ce000f9ffcef91c1f822030060c5f3e0bc0bb07907efbb045e42e40efd1c8001fc527fffe285ec2f82f7fdfe03c03fffef3df410c1002f7fe3a086efdeff0420000c4ec007f03bf05041fb9f7e10407de060c5f42ffbfc2144f8123ce42141fc0183fc0083f411bef7e17bec2ef7ebe1c100517f0fdf01041f000c0ffffc1f431c013df3d145f45f8307ef4500307ae7de0017d00003e1800b8003145ebe077fc7ffff7e1830c208303e1be042f05f83f8100207ef7fef9f81201f81082fbf03cf030400bff40086f7f0c31fd139f8aebd0bd17f00400400003e00403e0840420020010fdf74e7ee8103df4a045f81f39101040104f040b70ba08703e0c3142fc4ffefff000f7b0fd0fbefc0c0e82f39f3df80f41fc4e3d143f4007cf00ffcdbb0400fb0bbf8103d080ec1084f3b13dfc10020c1004e8a17ffbd0fe07dec70c3fff143ec007f03f0c7147e7a0faf43102142f8103eefd105ec0fc1e7dec5f06ffff7f0430c3085fc5dfe080f0703b002f8233feff043f402bef7be830000010c0fff07c10413d144043e45f02f4714807d17503ef7d0430020fde020801bd1bff7b07a042f411011bc1feffc07c17fec2ffaf431be203dff03e24207ee74041f84104fc323df820bbf4303f10117df06ffeebeec20c31c0240081ffcfbf17efbc23ff06141fb6f3b103f3ff3b1bb0c30c0107f86fb7f001fb0c104207de04f0603ff801bcf40f800fdf3dfc50840c2000f8210117dd4220203df3e00503b13fffffc80bf08313e0fe07f17a001ec7ef1817340dfbfe19e4fb181f22fd0fec09effd2af6f83811012709e80714262d08dcfb1afa0ac31f1515f50530f0cad8100406053605f4efdc472fd7eae7090e0d20f9e717edeedae921f0edf404fffc1a04edeff50f38191eea53f8f511fee00e23e719412515e9ec1e35e1210cf9f6170b081af514152a10e4fbda1911c607e1d4f7faeb0114ebdb082afa25f915fbebf91f04e1eaebf1db0cbf0f260df8cf12faebd702142d043820fd0bebf2130af1df03f7e6d61008ec0b0d140602031c04fff81c0222ef1a02f5f0112104e9c7dcedfdd0f7f810fcf406d3ff18301611ed0cdefa29f6f304f2130e3302f13517dbe4ef21fbd2f60ef5d5070ce9d3120e22f0e6f61cea0e1101ecea0e0204f53e0bf3ff1b391ddfec21f7e4e2f40dd52b1310dbf628fa0dfeece221260304070ced2709202be91d1ab11025f41ae6f7e20824fef1f9fb0ce60ff7f8060d1be93620f73105f30b0b0bd30121221e0d15fd08f71a2d03f4f0051de208eb08f7f51600df23e019ff16300ffcc50002261efd061ff0f21f0a0a001323ec050126ebbc0cf4eb1a17f41417232effd7c30ed4f10904f208db15062a0b2134faef14ef0802fbe3d219effdcd27fa05c9d50bedf8ed040afa1136181ef71015e9250f1ffdebf7fb05e71535113436fff4e7dc1311fbf8e4d6e30a030202e6dd24e9ffeee4fae10df2d202d332f5190ffe2ceee40a因此,考虑使用 FALCON 用于你的数字信任基础设施,特别是对于区块链应用程序。这是演示:
- 原文链接: billatnapier.medium.com/...
- 登链社区 AI 助手,为大家转译优秀英文文章,如有翻译不通的地方,还请包涵~
本文参与登链社区写作激励计划 ,好文好收益,欢迎正在阅读的你也加入。
