Bimodal Lattice Signature Scheme (BLISS) » History » Version 2
« Previous -
Version 2/58
(diff) -
Next » -
Current version
Andreas Steffen, 12.12.2014 21:43
Bimodal Lattice Signature Scheme (BLISS)¶
BLISS is a post-quantum signature scheme based on the CRYPTO 2013 paper Lattice Signatures and Bimodal Gaussians by Léo Ducas, Alain Durmus, Tancrède Lepoint, and Vadim Lyubashevsky. Starting with the strongSwan 5.2.2 release we offer BLISS as an IKEv2 public key authentication method and added full BLISS key and certificate generation support to the strongSwan pki tool.
BLISS Private Key Generation¶
strongSwan currently supports the BLISS-I, BLISS-III, and BLISS-IV schemes with a cryptographic strength of 128 bits, 160 bits and 192 bits, respectively. Using the pki tool a private BLISS key can be generated as follows:
pki --gen --type bliss --size 1 --debug 2 > key1.der mgf1 based on sha1 is seeded with 20 octets mgf1 generated 240 octets mgf1 based on sha1 is seeded with 20 octets mgf1 generated 240 octets l2 norm of s1||s2: 771, Nk(S): 47150 (46479 max) mgf1 based on sha1 is seeded with 20 octets mgf1 generated 220 octets mgf1 based on sha1 is seeded with 20 octets mgf1 generated 240 octets l2 norm of s1||s2: 771, Nk(S): 43332 (46479 max) secret key generation succeeded after 2 trials
When generating the private key consisting of the two polynomials s1 and s2, the Nk(S) metric must be fulfilled. This means that often several trials are needed in order to obtain a valid BLISS private key.
With the command
pki --print --type bliss-priv --in key1.der private key with: pubkey: BLISS 128 bits strength keyid: d1:a3:fb:04:8d:1b:86:4f:fa:a7:d8:45:ec:e3:e3:ec:ef:7b:85:ca subjkey: e3:fc:6b:59:9a:ee:81:d5:10:3a:58:9f:e2:99:f7:7f:5c:3b:1c:96
information on the BLISS private key is displayed.
Let's now generate a BLISS-IV key with 192 bit cryptographic strength in base64-encoded PEM format
pki --gen --type bliss --size 4 --outform pem > key4.pem secret key generation succeeded after 4 trials
The PEM key format is printable
cat key4.pem -----BEGIN BLISS PRIVATE KEY----- MIIFGgYLKwYBBAGCoCoFAgQDggOBACUkEElEU1wx3rTZLRp7ejCQl7beNwsiFfMs WWtH2EbLR1KxExmkc07Wp6GwEgQQVh5iHQaq0cX8aRSWUpne27elaBgfnv2lKIIY YRBechxMh7YGYVQl/8se1EeCZqqZiR7hEHyYCFogDiCM7aW8RTw0ZtbJBK37UkTR ZDoNjk9kyYEhZdoEsjGo0h5DBFLcxExk6Git+9e8xsJL4rdjLImGezgBOczbhTow migPmqQx4bi441BAIC65oIoSdQwdMmLnaHi6CAT314jGS8UG6hcTL6qO5iaoaKFA AVSX9EPRCtIxVq/IgqBKybK+bO9LWqQ1Pcn5u2KitXioNYg10YPcko0XNitUik/v VSQPW1EJ6ZJ9v/bTZZFi7QjTtKq8GoIld0Vhh1TFnfEOblOCSsi7B+TxJHAf5BkR ia1oxEN8iDA9xNL2ohzUJurdO/wCsCAstVC9HOKooqAR7EiFP7CEQwxXpxuw8Kv9 2/0L8jy4Sq0thxlrSbtSdZGq1/gNYLqNII7oZJH0HfhpC6oMnq0t6GILZIME3Pti 9Kj9WMxZMCxOTC6Fl5IvzsCV1vHgNoB4MgUaJy6MUJyU+LdAhYmjso9rNdBah0Ku drJh1o1uS7ERUohYkJtlzky9XuS2pjwTELxpAsrPz6VM6ZXiZAZCuqF00crUoy2K yjiOpS5/4nKKEYyGez3QepLjTYzMapC7TXw7sD80H0S8BuSW+HJMFy4BWMXP5bps Chw7tFsWMa5i1oiXPUDoYlW740Zj5YwIY6e2oeBiEceU/5TkNXcbBJ4gojaKxwdz oOExefSthX91OcHhq2W0GSyZ9I+aUngseEdcYjKk2IL76kxWrdwoM95feDGY925r sRV0tpqiSKh04K1gV0wSRzT7w82lVwPwQlY9Hw1nVfVU99bzujoHSfiEFVUURFlQ jWAMBq32hwdfeghOEkLBLQYqRjWOyWSi7I1GWMJ/P7CaBiKiM096NCJiYJyUuj6l yM0gJJ0iiNNSF6oqQIQcwFOP9HTQk9DNE3AplGqrJptROtN8lvFlpnhQt6YQBHQX qAUCx47EsrN8W+m+XQKrdMOKhz3JxB+tcJOoQSsoZ1AT9eUaM5VxLoRGY3GMmG3e J3SETcNggvZlP25VgapsCInEWbnAJmPQ7ydTov8yF0EQdiiZYUQlHXvktTPpHgFP Vcc6A9TFA4HBAAQOAeOAdsAACDxyADyADyPwAOAR+CSuBxzweASQCBwRwQgCBxx+ QAQSAMAAeDwQAfyOTiST+AASOODuBx/wACQiOAASQeOACQB/9yAgOASDjyDwCQfw N+AeOAOOACPwQBwsAPwPzwMcCCCQADwSACCBx+DwQAPwASABwOOgBvwQCQDwPwAQ SBwFwOESSAef+QCT+ACPwAAeRyBsfwAAQAABgPwUAQOehweRwN+eNwDx/yDiOFyQ AOOABwEQAOBwAQOBwQDngAH9DAcg/hHoAlAE8AAfckfrgYkccA/IgAcEgY/gEIfk cHgEEEHjkgcfkjgDgYfj4AEAAAkAAgFcf8Dj/hEggADEBADjjjAgnjADogDj8/8f kjgAcAAAAEAcAA/gf/gg8cAALjkAcAEEgEYjk8AEDgcj8EAH/kEEcA7ggAADkcA8 AEkAkgAk/AAAEngEAgAAD8HkA8kEAjgA8A8YFcjoAAgD//jA8c/8cf/j8cAngAAc AHgHgkBE/nj8kcDgIAE= -----END BLISS PRIVATE KEY-----