Table of Contents
Fetching ...

Eidolon: A Practical Post-Quantum Signature Scheme Based on k-Colorability in the Age of Graph Neural Networks

Asmaa Cherkaoui, Ramon Flores, Delaram Kahrobaei, Richard Wilson

TL;DR

Eidolon tackles post-quantum signatures by encoding security on the NP-hard $k$-colorability problem, generalizing the GMW zero-knowledge protocol to arbitrary $k\ge 3$ and applying Fiat–Shamir for non-interactive signatures. A planted quiet-coloring construction embeds a secret coloring in a random-like graph, aiming to preserve witness hardness and statistical indistinguishability, while Merkle-tree vector commitments compress signatures from $O(tn)$ to $O(t\log n)$. The authors provide a comprehensive empirical security study against both classical solvers (ILP, DSatur) and a graph neural network attacker, showing that for $n\ge 60$ the planted coloring remains unrecovered under tested densities, supporting combinatorial hardness as a post-quantum primitive. The work contributes a practical PQ signature scheme, concrete parameter discussions, and a framework for hard-instance generation, with future work focusing on standard security parameter tuning and resistance to adaptive or side-channel threats.

Abstract

We propose Eidolon, a practical post-quantum signature scheme based on the NP-complete k-colorability problem. Our construction generalizes the Goldreich-Micali-Wigderson zero-knowledge protocol to arbitrary k >= 3, applies the Fiat-Shamir transform, and uses Merkle-tree commitments to compress signatures from O(tn) to O(t log n). Crucially, we generate hard instances via planted "quiet" colorings that preserve the statistical profile of random graphs. We present the first empirical security analysis of such a scheme against both classical solvers (ILP, DSatur) and a custom graph neural network (GNN) attacker. Experiments show that for n >= 60, neither approach recovers the secret coloring, demonstrating that well-engineered k-coloring instances can resist modern cryptanalysis, including machine learning. This revives combinatorial hardness as a credible foundation for post-quantum signatures.

Eidolon: A Practical Post-Quantum Signature Scheme Based on k-Colorability in the Age of Graph Neural Networks

TL;DR

Eidolon tackles post-quantum signatures by encoding security on the NP-hard -colorability problem, generalizing the GMW zero-knowledge protocol to arbitrary and applying Fiat–Shamir for non-interactive signatures. A planted quiet-coloring construction embeds a secret coloring in a random-like graph, aiming to preserve witness hardness and statistical indistinguishability, while Merkle-tree vector commitments compress signatures from to . The authors provide a comprehensive empirical security study against both classical solvers (ILP, DSatur) and a graph neural network attacker, showing that for the planted coloring remains unrecovered under tested densities, supporting combinatorial hardness as a post-quantum primitive. The work contributes a practical PQ signature scheme, concrete parameter discussions, and a framework for hard-instance generation, with future work focusing on standard security parameter tuning and resistance to adaptive or side-channel threats.

Abstract

We propose Eidolon, a practical post-quantum signature scheme based on the NP-complete k-colorability problem. Our construction generalizes the Goldreich-Micali-Wigderson zero-knowledge protocol to arbitrary k >= 3, applies the Fiat-Shamir transform, and uses Merkle-tree commitments to compress signatures from O(tn) to O(t log n). Crucially, we generate hard instances via planted "quiet" colorings that preserve the statistical profile of random graphs. We present the first empirical security analysis of such a scheme against both classical solvers (ILP, DSatur) and a custom graph neural network (GNN) attacker. Experiments show that for n >= 60, neither approach recovers the secret coloring, demonstrating that well-engineered k-coloring instances can resist modern cryptanalysis, including machine learning. This revives combinatorial hardness as a credible foundation for post-quantum signatures.
Paper Structure (33 sections, 2 theorems, 32 equations, 5 figures, 1 table, 6 algorithms)

This paper contains 33 sections, 2 theorems, 32 equations, 5 figures, 1 table, 6 algorithms.

Key Result

Lemma 3.1

Suppose $H$ is collision-resistant and $f$ is binding. Fix round $i$ and index $v$. Given $R_i$, it is infeasible to produce two distinct valid openings for position $v$, i.e., pairs $(\alpha,r)\neq(\alpha',r')$ and authentication paths such that both

Figures (5)

  • Figure 1: Example of a generated $k$-colorable graph.
  • Figure 2: The observed chromatic number of random graphs using an exact algorithm and the minimal coloring discovered by the DSatur algorithm. The upper and lower bounds of $\chi$ due to Bollobás are also plotted.
  • Figure 3: The time taken for our exact solver to find a minimal coloring of the graph with a planted coloring of size $k$. Below $k=8$, the algorithm discovers the planted solution. Above this point, the algorithm finds a natural coloring of the random graph with size around 8.
  • Figure 4: The time-to-solution for the exact ILP solver on planted graphs with planted $k$ chosen according to the empirical power law.
  • Figure 5: The size of the recovered colorings for planted graphs using approximate algorithms. The dotted line shows the number of colors $k$ used in the planted graphs. The dashed line gives the number of colors used by DSatur, and the solid line those used by the GNN algorithm. The lighter lines show the results for these algorithms on ER graphs, i.e. random graphs with no planted solution.

Theorems & Definitions (6)

  • Lemma 3.1: Vector binding under a Merkle root MerkleTreeKatzLindellGoldreichFoC1CatalanoFioreVC
  • proof
  • Definition 4.1: PPT algorithms and negligible functions GoldreichFoC1, KatzLindell
  • Definition 4.2: EUF--CMA existential unforgeability under adaptive chosen-message attack GoldwasserMicaliRivest, KatzLindell
  • Proposition 4.1: Unforgeability in the Random Oracle Model (ROM)
  • proof : Esquisse