This repository implements the signature scheme Falcon (https://falcon-sign.info/). Falcon stands for FAst Fourier Lattice-based COmpact signatures over NTRU
Authors: Renaud Dubois and Simon Masson.
Acknowledgements: Thomas Prest for the originial code, Zhenfei Zhang for the possible optimizations.
License: MIT.
It is possible to generate a key pair, sign a message and verify a signature in one command-line.
./sign_cli.py genkeys --version='falcon' # or 'ethfalcon'
It creates two files private_key.pem and public_key.pem storing the private and public keys.
It also prints the public key in Solidity format.
./sign_cli.py sign --data=deadbeef --privkey=private_key.pem
It create a signature file sig for the given message and the private key.
The signature is stored in hexadecimal format.
It also prints the signature in Solidity format.
./sign_cli.py verify --data=deadbeef --pubkey=public_key.pem --signature='sig'
It outputs the validity of the signature with respect to a message and a public key given as input. The signature needs to be provided as a (large) string.
Tests of key generation, signing and verification can be done in iterative and recursive NTT. The HashToPoint can be set with the SHAKE256, KeccaXOF (implemented in Tetration), or KeccakPRNG (a PRNG based on Keccak).
make test
This runs the original tests, and additional tests made in test_xxx.py.
| n | Key generation | Signature | Verification | |||||
|---|---|---|---|---|---|---|---|---|
| NTT iterative | NTT recursive | SHAKE256 | KeccaXOF | NTT iterative | NTT recursive | SHAKE256 | KeccaXOF | |
| 64 | 180 ms | 96 ms | 2.4 ms | 2.4 ms | 0.3 ms | 0.6 ms | 0.3 ms | 0.4 ms |
| 128 | 825 ms | 1033 ms | 4.7 ms | 4.7 ms | 0.6 ms | 1.4 ms | 0.6 ms | 0.7 ms |
| 256 | 1051 ms | 1530 ms | 9.7 ms | 9.4 ms | 1.3 ms | 3.0 ms | 1.3 ms | 1.3 ms |
| 512 | 2273 ms | 1755 ms | 19.2 ms | 19.0 ms | 3.0 ms | 6.6 ms | 3.0 ms | 3.0 ms |
| 1024 | 10256 ms | 13652 ms | 39.3 ms | 39.2 ms | 6.4 ms | 14.2 ms | 6.4 ms | 6.2 ms |
