Reducing keys in Rainbow-like signature schemes

TCC (graduação) - Universidade Federal de Santa Catarina. Centro Tecnológico. Ciências da Computação.Os algoritmos clássicos de assinatura digital como RSA e ECDSA baseiam sua segurança na dificuldade da fatoração de inteiros, e no logaritmo discreto, respectivamente. Esses problemas já possuem algoritmos quânticos que os resolvem em tempo polinomial, ou seja, com computadores quânticos poderosos o suficiente, o uso dos algoritmos de assinatura digital mais difundidos tornará-se impraticável. Naturalmente, com o aumento do poder computacional quântico, o interesse por criptossistemas resistentes a ataques que utilizam-se de tais computadores também cresceu. A área que estuda esses criptossistemas é chamada de criptografia pós-quântica. Particularmente, esses algoritmos baseiam-se numa série de problemas que, por enquanto, permanecem difíceis, mesmo que computadores quânticos poderosos sejam utilizados, logo, despertam o interesse para substituir os criptossistemas clássicos. Este trabalho aborda criptossistemas baseados em sistemas de polinômios multivariados, que, baseiam-se em problemas como a solução de sistemas de polinômios e o isomorfismo de polinômios, os quais ainda são resistentes a algoritmos quânticos, e portanto, são candidatos para criptografia pós-quântica. Tais esquemas possuem tamanhos de chaves muito maiores que os algoritmos clássicos. Neste trabalho um novo método para redução de chaves privadas do esquema de assinatura digital Rainbow é proposto. Usando este método as chaves privadas podem ser reduzidas em até 84\%. Ainda, este método pode ser combinado com outros de forma a reduzir tanto a chave privada como a chave pública.Classic digital signature algorithms base their security upon the difficulty of the integer factorization problem, and the discrete logarithm problem, respectively. These problems already have quantum algorithms that solve them in polynomial time, consequently, with sufficiently powerful quantum computers, the use of the most common digital signature algorithms would become impractical. Naturally, with the rise in quantum computational power, the interest in cryptosystems resistant to attacks that make use of such computers has raised as well. The area that studies such cryptosystems is called post-quantum cryptography. Particularly, these algorithms are based upon a series of problems that, at this time, continue to be hard, even with quantum computers available, hence, provoke interest to substitute the classical schemes. This work approaches cryptosystems based on systems of multivariate polynomials. They base their security upon problems like the polynomial system solving and the isomorphism of polynomials, which are still resistant to quantum computers, henceforth are candidates to post-quantum cryptography. Such schemes have much larger keys than classical algorithms. In this work a new method that allows the reduction of private keys of the Rainbow digital signature scheme is proposed. Using this method, private keys can be reduced by up to 84\%. Still, this method can be combined with others to reduce the private key and the public key simultaneously

NOVA, a Noncommutative-ring Based Unbalanced Oil and Vinegar Signature Scheme with Key-randomness Alignment

In this paper, we propose a noncommutative-ring based unbalanced oil and vinegar signature scheme with key-randomness alignment: NOVA (Noncommutative Oil and Vinegar with Alignment). Instead of fields or even commutative rings, we show that noncommutative rings can be used for algebraic cryptosystems. At the same or better level of security requirement, NOVA has a much smaller public key than UOV (Unbalanced Oil and Vinegar), which makes NOVA practical in most situations. We use Magma to actually implement and give a detailed security analysis against known major attacks

CoLoR: a Coq library on well-founded rewrite relations and its application to the automated verification of termination certificates

Termination is an important property of programs; notably required for programs formulated in proof assistants. It is a very active subject of research in the Turing-complete formalism of term rewriting systems, where many methods and tools have been developed over the years to address this problem. Ensuring reliability of those tools is therefore an important issue. In this paper we present a library formalizing important results of the theory of well-founded (rewrite) relations in the proof assistant Coq. We also present its application to the automated verification of termination certificates, as produced by termination tools

A Simple Noncommutative UOV Scheme

In this paper, we propose a simple noncommutative-ring based UOV signature scheme with key-randomness alignment: Simple NOVA, which can be viewed as a simplified version of NOVA[48]. We simplify the design of NOVA by skipping the perturbation trick used in NOVA, thus shortens the key generation process and accelerates the signing and verification. Together with a little modification accordingly, this alternative version of NOVA is also secure and may be more suitable for practical uses. We also use Magma to actually implement and give a detailed security analysis against known major attacks

Developments in multivariate post quantum cryptography.

Ever since Shor\u27s algorithm was introduced in 1994, cryptographers have been working to develop cryptosystems that can resist known quantum computer attacks. This push for quantum attack resistant schemes is known as post quantum cryptography. Specifically, my contributions to post quantum cryptography has been to the family of schemes known as Multivariate Public Key Cryptography (MPKC), which is a very attractive candidate for digital signature standardization in the post quantum collective for a wide variety of applications. In this document I will be providing all necessary background to fully understand MPKC and post quantum cryptography as a whole. Then, I will walk through the contributions I provided in my publications relating to differential security proofs for HFEv and HFEv−, key recovery attack for all parameters of HFEm, and my newly proposed multivariate encryption scheme, HFERP

A post-quantum digital signature scheme based on supersingular isogenies

We present the first general-purpose digital signature scheme based on supersingular elliptic curve isogenies secure against quantum adversaries in the quantum random oracle model with small key sizes. This scheme is an application of Unruh’s construction of non-interactive zero-knowledge proofs to an interactive zero-knowledge proof proposed by De Feo, Jao, and Plut. We implement our proposed scheme on an x86- 64 PC platform as well as an ARM-powered device. We exploit the stateof-the-art techniques to speed up the computations for general C and assembly. Finally, we provide timing results for real world applications

New Directions in Multivariate Public Key Cryptography

Most public key cryptosystems used in practice are based on integer factorization or discrete logarithms (in finite fields or elliptic curves). However, these systems suffer from two potential drawbacks. First, they must use large keys to maintain security, resulting in decreased efficiency. Second, if large enough quantum computers can be built, Shor\u27s algorithm will render them completely insecure. Multivariate public key cryptosystems (MPKC) are one possible alternative. MPKC makes use of the fact that solving multivariate polynomial systems over a finite field is an NP-complete problem, for which it is not known whether there is a polynomial algorithm on quantum computers. The main goal of this work is to show how to use new mathematical structures, specifically polynomial identities from algebraic geometry, to construct new multivariate public key cryptosystems. We begin with a basic overview of MPKC and present several significant cryptosystems that have been proposed. We also examine in detail some of the most powerful attacks against MPKCs. We propose a new framework for constructing multivariate public key cryptosystems and consider several strategies for constructing polynomial identities that can be utilized by the framework. In particular, we have discovered several new families of polynomial identities. Finally, we propose our new cryptosystem and give parameters for which it is secure against known attacks on MPKCs