# Improved Veron Identification and Signature Schemes in the Rank Metric

**Authors:** Emanuele Bellini, Florian Caullery, Philippe Gaborit, Marc Manzano,, Victor Mateu

arXiv: 1903.10212 · 2019-04-22

## TL;DR

This paper introduces a new code-based signature scheme in the rank metric that achieves smaller signatures and key sizes by reducing the cheating probability to 1/2, with proven security and practical performance.

## Contribution

It presents the smallest code-based signature scheme with reduced cheating probability, improving efficiency and security over prior schemes.

## Key findings

- Signature size around 22 KB at 128-bit security
- Lowest combined signature and public key size among code-based schemes
- Security proven in the Random Oracle Model

## Abstract

It is notably challenging to design an efficient and secure signature scheme based on error-correcting codes. An approach to build such signature schemes is to derive it from an identification protocol through the Fiat-Shamir transform. All such protocols based on codes must be run several rounds, since each run of the protocol allows a cheating probability of either 2/3 or 1/2. The resulting signature size is proportional to the number of rounds, thus making the 1/2 cheating probability version more attractive. We present a signature scheme based on double circulant codes in the rank metric, derived from an identification protocol with cheating probability of 2/3. We reduced this probability to 1/2 to obtain the smallest signature among signature schemes based on the Fiat-Shamir paradigm, around 22 KBytes for 128 bit security level. Furthermore, among all code-based signature schemes, our proposal has the lowest value of signature plus public key size, and the smallest secret and public key sizes. We provide a security proof in the Random Oracle Model, implementation performances, and a comparison with the parameters of the most important code-based signature schemes.

---
Source: https://tomesphere.com/paper/1903.10212