TUM Logo

Post-Quantum Secure Key Blinding for the GNU Name System

Post-Quantum Secure Key Blinding for the GNU Name System

Supervisor(s): Dr. Martin Schanzenbach, Thomas Bellebaum
Status: finished
Topic: Others
Author: Zeynep Sonkaya
Submission: 2022-11-15
Type of Thesis: Masterthesis
Thesis topic in co-operation with the Fraunhofer Institute for Applied and Integrated Security AISEC, Garching


Current widely employed cryptosystems are vulnerable to quantum attacks, rapidly becoming a significant issue with
the recent developments of quantum computers. Various institutions are developing new cryptosystems for digital
signature algorithms to maintain secure systems’ security in the post-quantum era.

Systems with privacy objectives, such as GNU Name System (GNS), combine digital signature schemes that provide
authenticity and integrity with key-blinding techniques to offer anonymity. GNS, a privacy-preserving DNS alternative,
needs to find a replacement for its post-quantum insecure elliptic curve-based signature scheme with key-blinding
that lets it keep its functionalities while being post-quantum secure. For this replacement, we consider Picnic, one of
the new post-quantum secure digital signature algorithms that is a Round-3 candidate in National Institute of Standards
and Technology’s post-quantum signature standardization process, to base our signature scheme with key-blinding.
We designed and implemented a Picnic based signature scheme with key-blinding that offers post-quantum security.
The designed and implemented Picnic scheme with key-blinding offers small public key sizes, relatively large
signature sizes, and tolerable signing and verifying run-times, which privacy-focused systems requiring small public key
size such as GNS can consider using.