Falcon - Quantum-Safe Digital Signatures

Falcon is a lattice-based digital signature algorithm designed to be secure against quantum computer attacks.

Key Generation

Generate a Falcon key pair for signing and verification

Key generation may take several seconds due to the complexity of the algorithm.

Sign File

Upload a file and sign it with your private key

Verify Signature

Verify a file's signature using the signer's public key

Paste the signature or upload a signature file

About Falcon

Falcon (Fast-Fourier Lattice-based Compact Signatures over NTRU) is a digital signature algorithm based on lattice cryptography. It was selected by NIST as one of the standardized post-quantum signature algorithms in 2022.

Key Features:
  • Type: Lattice-based digital signature algorithm
  • Security Basis: NTRU lattices and the Short Integer Solution (SIS) problem
  • Quantum Resistance: Designed to be secure against attacks from quantum computers
  • Variants: Falcon-512 (NIST Level 1) and Falcon-1024 (NIST Level 5)
  • Signature Size: Compact signatures (about 666 bytes for Falcon-512, 1280 bytes for Falcon-1024)
  • Performance: Fast verification and reasonably fast signing
How Falcon Works:
  1. Key Generation:
    • Generate an NTRU lattice with a trapdoor
    • The public key is a description of the lattice
    • The private key is the trapdoor information that allows efficient sampling of short vectors
  2. Signing:
    • Hash the message to a point in the lattice
    • Use the private key to find a short vector that maps to this point
    • This short vector is the signature
  3. Verification:
    • Hash the message to get the same point in the lattice
    • Verify that the signature is a short vector that maps to this point
    • Check that the signature vector is sufficiently short
Advantages of Falcon:
Feature Advantage
Signature Size Smaller signatures compared to many other post-quantum algorithms
Security Based on well-studied lattice problems with reductions to hard problems
Performance Fast verification and competitive signing speed
Standardization Selected by NIST for standardization, indicating high confidence in its security
Comparison with Other Post-Quantum Signature Algorithms:
  • Dilithium: Another NIST-selected lattice-based signature algorithm. Dilithium has simpler implementation but larger signatures than Falcon.
  • SPHINCS+: A hash-based signature scheme also selected by NIST. It has very strong security assumptions but larger signatures and slower performance than Falcon.
Note: Falcon is primarily designed for digital signatures and cannot be used for encryption. For post-quantum encryption, algorithms like Kyber (also selected by NIST) should be used.