Dilithium is a lattice-based that secures data against quantum computing threats. It is based on the CRYSTALS (Cryptographic Suite for Algebraic Lattices) family of Post-Quantum Cryptography (PQC) algorithms. It is particularly well suited to protect against chosen-message attacks.
Because Dilithium is based on hardness of lattice problems over module lattices, it’s a PQC scheme that’s much faster than hash-based schemes, and it’s easy to implement, because it doesn’t need Gaussian sampling.
At its base, Dilithium operates on Lyubashevsky’s Fiat-Shamir with Aborts for its lattice scheme. This paradigm repeats executions until verifying a loop iteration that doesn’t abort. The result of this protocol use is a significantly smaller public key, resulting in higher security and efficiency with lower energy consumption.
Unlike other PQC signing schemes, the most recent versions of Dilithium use AES-256 instead of SHAKE. This delivers an expanded matrix and making vector. AES-256 is also used to sample secret polynomials.
Dilithium variants:
Dilithium2-AES
Dilithium3-AES
Dilithium5-AES
The inventors of Dilithium recommend Dilithium 3-AES, because it achieves at least 128 bits of security against classical and quantum attacks.
In 2016, the United States National Institute of Standards and Technology put out a , requesting submissions of post-quantum cryptographic schemes. Round 1 submissions closed on November 30, 2017. Several dozen schemes were presented and considered.
CRYSTALS-Dilithium was one of four schemes recommended by NIST as an accepted standard for PQC, and one of only three recommended for digital signing.