Photo by Delaney Van on Unsplash

Why Did NIST Pick Dilithium and FALCON?

When both of them are lattice-based methods and Dilithium is so much faster

And, so, NIST selected Dilithium for quantum robust digital signatures. But, they are also taking forward FALCON and SPHINCS+. While SPHINCS+ is a hash-based signature method, FALCON is a lattice method such as Dilithium. Why did NIST pick two lattice methods?

Well, first we will analyse why Dilithium was selected. If run a test, we get that we can achieve 51,315 key pair iterations in three seconds [here]:

Operation                      | Iterations | Total time (s) | Time (us): mean | pop. stdev | CPU cycles: mean          | pop. stdev
------------------------------ | ----------:| --------------:| ---------------:| ----------:| -------------------------:| ----------:
Dilithium2                     |            |                |                 |            |                           |           
keypair                        |      51315 |          3.000 |          58.463 |    175.138 |                    116511 |     349422
sign                           |      17473 |          3.003 |         171.848 |   1143.485 |                    342726 |    2281463
verify                         |      53125 |          3.001 |          56.486 |    176.715 |                    112506 |     351939