Improving MPCitH with Preprocessing: Mask Is All You Need
The MPC-in-the-head with preprocessing (MPCitH-PP) paradigm presents a novel approach for constructing post-quantum digital signatures like Picnic3. This paper revisits the MPCitH-PP construction, analyzing both its offline and online phases and proposing a reformulation of the protocol. By identif...
| Main Authors: | Guowei Liu, Guoxiao Liu, Kaijie Jiang, Qingyuan Yu, Keting Jia, Puwen Wei, Meiqin Wang |
|---|---|
| Format: | Article |
| Language: | English |
| Published: | Ruhr-Universität Bochum, 2025-03-01 |
| Series: | Transactions on Cryptographic Hardware and Embedded Systems |
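| Subjects: | MPCitH with preprocessing; Post-Quantum Digital Signature; Software Implementation; Hardware Implementation |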
| Online Access: | https://tches.iacr.org/index.php/TCHES/article/view/12040 |
| _version_ | 1850252217366347776 |
|---|---|
| author | Guowei Liu, Guoxiao Liu, Kaijie Jiang, Qingyuan Yu, Keting Jia, Puwen Wei, Meiqin Wang |
| collection | DOAJ |
| description | The MPC-in-the-head with preprocessing (MPCitH-PP) paradigm presents a novel approach for constructing post-quantum digital signatures like Picnic3. This paper revisits the MPCitH-PP construction, analyzing both its offline and online phases and proposing a reformulation of the protocol. By identifying redundant computations in these phases, we optimize them into a single phase, thereby enhancing the efficiency of MPCitH-PP. Furthermore, we explore the independence of the mask, demonstrating that it can be calculated in parallel, which also enables the optimization of the masked witness calculation. Our optimized implementation of Picnic3 shows significant improvements. At the L1 security level, the optimal software implementation reduces MPCitH-PP calculation time to about 30% of the previous implementation. The optimal signature implementation costs about 78% of the previous implementation time. At the L5 security level, MPCitH-PP with parallelism optimal is reduced to about 26% of the previous solution’s time, and the optimal signature implementation runs at about 53% of the previous solution’s time. For the hardware implementation, our optimizations reduce the clock cycles of MPCitH-PP from r sequential rounds to a single parallel round, where r denotes the number of rounds in the LowMC algorithm, with little change in hardware usage, and perform better in AT product, especially for parallel computing. |
| format | Article |
| id | doaj-art-723d86c784c848dfbb1a16ed8602756b |
| institution | OA Journals |
| issn | 2569-2925 |
| language | English |
| publishDate | 2025-03-01 |
| publisher | Ruhr-Universität Bochum |
| record_format | Article |
| series | Transactions on Cryptographic Hardware and Embedded Systems |
| spelling | doaj-art-723d86c784c848dfbb1a16ed8602756b · 2025-08-20T01:57:43Z · eng · Ruhr-Universität Bochum · Transactions on Cryptographic Hardware and Embedded Systems · 2569-2925 · 2025-03-01 · 2025 · 2 · 10.46586/tches.v2025.i2.1-22 · Improving MPCitH with Preprocessing: Mask Is All You Need · Guowei Liu (0), Guoxiao Liu (1), Kaijie Jiang (2), Qingyuan Yu (3), Keting Jia (4), Puwen Wei (5), Meiqin Wang (6) · (0) School of Cyber Science and Technology, Shandong University, Qingdao, China; Key Laboratory of Cryptologic Technology and Information Security, Ministry of Education, Shandong University, Jinan, China · (1) Institute for Network Sciences and Cyberspace, Tsinghua University, Beijing, China · (2) Institute for Advanced Study, Tsinghua University, Beijing, China · (3) School of Cyber Science and Technology, Shandong University, Qingdao, China; Key Laboratory of Cryptologic Technology and Information Security, Ministry of Education, Shandong University, Jinan, China · (4) Institute for Network Sciences and Cyberspace, Tsinghua University, Beijing, China; Zhongguancun Laboratory, Beijing, China; BNRist, Tsinghua University, Beijing, China · (5) School of Cyber Science and Technology, Shandong University, Qingdao, China; Key Laboratory of Cryptologic Technology and Information Security, Ministry of Education, Shandong University, Jinan, China; Quan Cheng Shandong Laboratory, Jinan, China · (6) Quan Cheng Shandong Laboratory, Jinan, China; School of Cyber Science and Technology, Shandong University, Qingdao, China; Key Laboratory of Cryptologic Technology and Information Security, Ministry of Education, Shandong University, Jinan, China · The MPC-in-the-head with preprocessing (MPCitH-PP) paradigm presents a novel approach for constructing post-quantum digital signatures like Picnic3. This paper revisits the MPCitH-PP construction, analyzing both its offline and online phases and proposing a reformulation of the protocol. By identifying redundant computations in these phases, we optimize them into a single phase, thereby enhancing the efficiency of MPCitH-PP. Furthermore, we explore the independence of the mask, demonstrating that it can be calculated in parallel, which also enables the optimization of the masked witness calculation. Our optimized implementation of Picnic3 shows significant improvements. At the L1 security level, the optimal software implementation reduces MPCitH-PP calculation time to about 30% of the previous implementation. The optimal signature implementation costs about 78% of the previous implementation time. At the L5 security level, MPCitH-PP with parallelism optimal is reduced to about 26% of the previous solution’s time, and the optimal signature implementation runs at about 53% of the previous solution’s time. For the hardware implementation, our optimizations reduce the clock cycles of MPCitH-PP from r sequential rounds to a single parallel round, where r denotes the number of rounds in the LowMC algorithm, with little change in hardware usage, and perform better in AT product, especially for parallel computing. · https://tches.iacr.org/index.php/TCHES/article/view/12040 · MPCitH with preprocessing · Post-Quantum Digital Signature · Software Implementation · Hardware Implementation |
| title | Improving MPCitH with Preprocessing: Mask Is All You Need |
| topic | MPCitH with preprocessing; Post-Quantum Digital Signature; Software Implementation; Hardware Implementation |
| url | https://tches.iacr.org/index.php/TCHES/article/view/12040 |