Projects per year
Abstract
SQIsign, the only isogeny-based signature scheme submitted to NIST’s additional signature standardization call, achieves the smallest public key and signature sizes among all post-quantum signature schemes. However, its existing implementation, particularly in its quaternion arithmetic operations, relies on GMP’s big integer functions, which, while efficient, are often not designed for constant-time execution.
In this work, we take a step toward side-channel-protected SQIsign by implementing constant-time techniques for SQIsign’s big integer arithmetic, which forms the computational backbone of its quaternion module. For low-level fundamental functions including Euclidean division, exponentiation and the function that computes integer square root, we either extend or tailor existing solutions according to SQIsign's requirements such as handling signed integers or scaling them for integers up to
12,000 bits. Further, we propose a novel constant-time modular reduction technique designed to handle dynamically changing moduli.Our implementation is written in C without reliance on high-level libraries such as GMP and we evaluate the constant-time properties of our implementation using Timecop with Valgrind that confirm the absence of timing-dependent execution paths. We provide experimental benchmarks across various SQIsign parameter sizes to demonstrate the performance of our constant-time implementation.
In this work, we take a step toward side-channel-protected SQIsign by implementing constant-time techniques for SQIsign’s big integer arithmetic, which forms the computational backbone of its quaternion module. For low-level fundamental functions including Euclidean division, exponentiation and the function that computes integer square root, we either extend or tailor existing solutions according to SQIsign's requirements such as handling signed integers or scaling them for integers up to
12,000 bits. Further, we propose a novel constant-time modular reduction technique designed to handle dynamically changing moduli.Our implementation is written in C without reliance on high-level libraries such as GMP and we evaluate the constant-time properties of our implementation using Timecop with Valgrind that confirm the absence of timing-dependent execution paths. We provide experimental benchmarks across various SQIsign parameter sizes to demonstrate the performance of our constant-time implementation.
| Original language | English |
|---|---|
| Title of host publication | Africacrypt 2025 |
| Publication status | Accepted/In press - 2025 |
| Event | 16th International Conference on Cryptology, Progress in Cryptology - AFRICACRYPT 2025 - Rabat, Morocco Duration: 21 Jul 2025 → 23 Jul 2025 |
Conference
| Conference | 16th International Conference on Cryptology, Progress in Cryptology - AFRICACRYPT 2025 |
|---|---|
| Abbreviated title | AFRICACRYPT 2025 |
| Country/Territory | Morocco |
| City | Rabat |
| Period | 21/07/25 → 23/07/25 |
Fields of Expertise
- Information, Communication & Computing
Fingerprint
Dive into the research topics of 'Constant-time Integer Arithmetic for SQIsign'. Together they form a unique fingerprint.Projects
- 1 Active
-
FWF - ISOCrystals - Secure and Efficient Isogeny-based Cryptography in Hardware
Sinha Roy, S. (Co-Investigator (CoI))
3/06/24 → 2/12/27
Project: Research project