An Efficient MQ-Signature Scheme Based on Sparse Polynomials

Cryptography based on multivariate quadratic (MQ) equations is one of the most promising alternatives to the public-key algorithms in use today for the post-quantum era. Practical public-key signature schemes for embedded processors and resource-constrained devices are important for emerging Internet of Things applications, and MQ-signature schemes suit such low-cost devices because they need only modest computational resources. In this paper, we propose an efficient MQ-signature scheme, SOV, which uses sparse polynomials to obtain a shorter secret key, and we analyse its security against the known algebraic attacks. Compared to Rainbow, the secret key of SOV is reduced by 90% without increasing the public key size. In particular, SOV requires signatures of 52 bytes, whereas ECDSA-256 requires signatures of 64 bytes.
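The abstract claims that a sparse central map shrinks the secret key while leaving the public key size untouched. The following toy oil-and-vinegar (OV) signature scheme, added here as an illustration and not code from the paper or its SOV scheme, shows why: the secret central map F is stored as a handful of sparse quadratic terms, the public map F o T is dense because the secret linear map T mixes every variable into every other, and signing works by fixing random vinegar values so that F collapses to a linear system in the oil variables. The field GF(31), the variable counts (6 vinegar, 4 oil), the three terms per polynomial, and the names `keygen`, `sign_digest`, `verify_digest` and `key_sizes` are all constructed for this demonstration and are far too small to be secure.

```python
"""Toy oil-and-vinegar (OV) MQ signature with a sparse central map.
Added illustrative code, not the paper's SOV scheme; all parameters are
constructed for demonstration and far too small to be secure."""
import hashlib
import random

Q = 31                  # prime field GF(31)
V, O = 6, 4             # vinegar and oil variable counts: N variables, O equations
N = V + O
_sign_rng = random.SystemRandom()   # vinegar values must be unpredictable

def solve(A, B):
    """Gauss-Jordan over GF(Q): return X with A X = B, or None if A is singular."""
    n = len(A)
    M = [A[i][:] + B[i][:] for i in range(n)]
    for col in range(n):
        piv = next((r for r in range(col, n) if M[r][col]), None)
        if piv is None:
            return None
        M[col], M[piv] = M[piv], M[col]
        f = pow(M[col][col], Q - 2, Q)               # field inverse of the pivot
        M[col] = [x * f % Q for x in M[col]]
        for r in range(n):
            if r != col and M[r][col]:
                g = M[r][col]
                M[r] = [(x - g * y) % Q for x, y in zip(M[r], M[col])]
    return [row[n:] for row in M]

def compose(poly, T):
    """Upper-triangular N x N matrix M with f(T y) = y^T M y, for sparse f = {(i, j): a}."""
    M = [[0] * N for _ in range(N)]
    for (i, j), a in poly.items():
        for k in range(N):
            for l in range(N):
                M[k][l] = (M[k][l] + a * T[i][k] * T[j][l]) % Q
    for k in range(N):                               # merge y_k*y_l with y_l*y_k
        for l in range(k):
            M[l][k] = (M[l][k] + M[k][l]) % Q
            M[k][l] = 0
    return M

def keygen(terms_per_poly, seed=None):
    """Secret key: O sparse central polynomials with no oil x oil term, plus T^-1.
    Public key: the composed map F o T, whose coefficient matrices are dense."""
    rng = random.Random(seed)                        # seed only for reproducible demos
    F = []
    for e in range(O):
        poly = {(e, V + e): rng.randrange(1, Q)}     # pair vinegar e with oil e
        while len(poly) < terms_per_poly:
            i, j = rng.randrange(V), rng.randrange(N)  # i is always a vinegar index
            poly[(min(i, j), max(i, j))] = rng.randrange(1, Q)
        F.append(poly)
    while True:
        T = [[rng.randrange(Q) for _ in range(N)] for _ in range(N)]
        Ti = solve(T, [[int(r == c) for c in range(N)] for r in range(N)])
        if Ti is not None:
            break
    return (F, Ti), [compose(poly, T) for poly in F]

def key_sizes(sk, pk):
    """Non-zero coefficient counts of the sparse central map and of the dense public map."""
    return sum(len(p) for p in sk[0]), len(pk) * N * (N + 1) // 2

def sign_digest(sk, h):
    """Fix random vinegar values; the central map is then linear in the oil variables."""
    F, Ti = sk
    for _ in range(1000):
        vin = [_sign_rng.randrange(Q) for _ in range(V)]
        A, c = [[0] * O for _ in range(O)], [0] * O
        for e, poly in enumerate(F):
            for (i, j), a in poly.items():
                if j < V:                            # vinegar x vinegar: constant
                    c[e] = (c[e] + a * vin[i] * vin[j]) % Q
                else:                                # vinegar x oil: linear in oil j-V
                    A[e][j - V] = (A[e][j - V] + a * vin[i]) % Q
        oil = solve(A, [[(h[e] - c[e]) % Q] for e in range(O)])
        if oil is not None:                          # singular system: draw fresh vinegar
            x = vin + [row[0] for row in oil]
            return [sum(Ti[r][k] * x[k] for k in range(N)) % Q for r in range(N)]
    raise RuntimeError("no invertible oil system found")

def verify_digest(pk, h, sig):
    """Evaluate every public polynomial at the signature and compare with the digest."""
    return [sum(M[k][l] * sig[k] * sig[l] for k in range(N) for l in range(k, N)) % Q
            for M in pk] == h

def hash_to_field(msg):
    d = hashlib.sha256(msg).digest()                 # toy: byte mod Q is slightly biased
    return [d[e] % Q for e in range(O)]

def sign(sk, msg):
    return sign_digest(sk, hash_to_field(msg))

def verify(pk, msg, sig):
    return verify_digest(pk, hash_to_field(msg), sig)
```

With `keygen(3)` the central map holds 12 non-zero coefficients, while a dense OV central map of the same shape would need O * (V(V+1)/2 + V*O) = 180 and the public key always has O * N(N+1)/2 = 220. `key_sizes` deliberately counts only the central map: in this toy the inverse of T (100 entries) dominates the secret key, which is exactly the part a real scheme would regenerate from a seed rather than store. The retry loop in `sign_digest` is the standard OV behaviour when the oil system happens to be singular for a vinegar choice.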
