Small Public Keys and Fast Verification for $\mathcal{M}$ ultivariate $\mathcal{Q}$ uadratic Public Key Systems

Security of public key schemes in a post-quantum world is a challenging task—as both RSA and ECC will be broken then. In this paper, we show how post-quantum signature systems based on \(\mathcal{M}\)ultivariate \(\mathcal{Q}\)uadratic (\(\mathcal{MQ}\)) polynomials can be improved up by about 9/10, and 3/5, respectively, in terms of public key size and verification time. The exact figures are 88% and 59%. This is particularly important for small-scale devices with restricted energy, memory, or computational power. In addition, we provide evidence that this reduction does not affect security and that it is also optimal in terms of possible attacks. We do so by combining the previously unrelated concepts of reduced and equivalent keys. Our new scheme is based on the so-called Unbalanced Oil and Vinegar class of \(\mathcal{MQ}\)-schemes. We have derived our results mathematically and verified the speed-ups through a C++ implementation.

[1]  Marc Joye,et al.  Cryptographic Hardware and Embedded Systems - CHES 2004 , 2004, Lecture Notes in Computer Science.

[2]  Bart Preneel,et al.  Large Superfluous Keys in Multivariate Quadratic Asymmetric Systems , 2005, Public Key Cryptography.

[3]  Jacques Stern,et al.  Advances in Cryptology — EUROCRYPT ’99 , 1999, Lecture Notes in Computer Science.

[4]  David S. Johnson,et al.  Computers and Intractability: A Guide to the Theory of NP-Completeness , 1978 .

[5]  P. Erdös On an extremal problem in graph theory , 1970 .

[6]  Feipei Lai,et al.  Similar Keys of Multivariate Quadratic Public Key Cryptosystems , 2005, CANS.

[7]  Stanislav Bulygin,et al.  Small Public Keys and Fast Verification for Multivariate Quadratic Public Key Systems , 2011, IACR Cryptol. ePrint Arch..

[8]  Bart Preneel,et al.  Equivalent keys in ℳultivariate uadratic public key systems , 2005, J. Math. Cryptol..

[9]  Chen-Mou Cheng,et al.  SSE Implementation of Multivariate PKCs on Modern x86 CPUs , 2009, CHES.

[10]  Peter W. Shor,et al.  Polynomial-Time Algorithms for Prime Factorization and Discrete Logarithms on a Quantum Computer , 1995, SIAM Rev..

[11]  Stanislav Bulygin,et al.  Linear Recurring Sequences for the UOV Key Generation , 2011, Public Key Cryptography.

[12]  Luk Bettale,et al.  Hybrid approach for solving multivariate systems over finite fields , 2009, J. Math. Cryptol..

[13]  Adi Shamir,et al.  Cryptanalysis of the Oil & Vinegar Signature Scheme , 1998, CRYPTO.

[14]  Serge Vaudenay Public Key Cryptography - PKC 2005, 8th International Workshop on Theory and Practice in Public Key Cryptography, Les Diablerets, Switzerland, January 23-26, 2005, Proceedings , 2005, Public Key Cryptography.

[15]  Christophe Clavier,et al.  Cryptographic Hardware and Embedded Systems - CHES 2009, 11th International Workshop, Lausanne, Switzerland, September 6-9, 2009, Proceedings , 2009, CHES.

[16]  Chen-Mou Cheng,et al.  Practical-Sized Instances of Multivariate PKCs: Rainbow, TTS, and lIC-Derivatives , 2008, PQCrypto.

[17]  Jean Charles Faugère,et al.  A new efficient algorithm for computing Gröbner bases without reduction to zero (F5) , 2002, ISSAC '02.

[18]  Bart Preneel,et al.  Taxonomy of Public Key Schemes based on the problem of Multivariate Quadratic equations , 2005, IACR Cryptol. ePrint Arch..

[19]  Hugo Krawczyk,et al.  Advances in Cryptology - CRYPTO '98 , 1998 .

[20]  Elisabeth Oswald,et al.  Cryptographic Hardware and Embedded Systems - CHES 2008, 10th International Workshop, Washington, D.C., USA, August 10-13, 2008. Proceedings , 2008, CHES.

[21]  Bo-Yin Yang,et al.  Multivariate Public Key Cryptography , 2009 .

[22]  Mark Manulis,et al.  Cryptology and Network Security , 2012, Lecture Notes in Computer Science.

[23]  Louis Goubin,et al.  Unbalanced Oil and Vinegar Signature Schemes , 1999, EUROCRYPT.

[24]  Bo-Yin Yang,et al.  TTS: High-Speed Signatures on a Low-Cost Smart Card , 2004, CHES.

[25]  Stanislav Bulygin,et al.  CyclicRainbow - A Multivariate Signature Scheme with a Partially Cyclic Public Key , 2010, INDOCRYPT.

[26]  Rosario Gennaro,et al.  Public Key Cryptography - PKC 2011 - 14th International Conference on Practice and Theory in Public Key Cryptography, Taormina, Italy, March 6-9, 2011. Proceedings , 2011, Public Key Cryptography.

[27]  Andrey Bogdanov,et al.  Time-Area Optimized Public-Key Engines: MQ-Cryptosystems as Replacement for Elliptic Curves? , 2008, IACR Cryptol. ePrint Arch..