460 research outputs found

    A Hardware Implementation of MAYO Signature Scheme

    Get PDF
    We present a hardware implementation for the MAYO post-quantum digital signature scheme, which is submitted to the American National Institute of Standards and Technology’s call for diversification of quantum-resistant public key cryptographic standards. The scheme is based on the Unbalanced Oil and Vinegar signature scheme, which operates on the fact that solving systems of multivariate polynomial equations is NP-complete. MAYO utilizes a unique whipping technique in combination with emulsifier maps to offer a significant reduction in key size compared to other Unbalanced Oil and Vinegar signature schemes. In this paper, we demonstrate how to design a hardware architecture for the MAYO post-quantum signature scheme. We also provide a comprehensive analysis and propose multiple optimization techniques to reduce resource utilization and accelerate computation on hardware platforms

    MQ Signature and Proxy Signature Schemes with Exact Security Based on UOV Signature

    Get PDF
    Multivariate public key cryptography which relies on MQ (Multivariate Quadratic) problems is one of the main approaches to guarantee the security of communication in the post-quantum world. In this paper, we propose a combined MQ signature scheme based on the yet unbroken UOV (Unbalanced Oil and Vinegar) signature if parameters are properly chosen. Our scheme can not only reduce the public key size of the UOV signature, but also provide more tighter bound of security against chosen-message attack in the random oracle model. On the other hand, we propose a proxy signature scheme based on our proposed combined signature scheme. Additionally, we give a strict security proof for our proxy signature scheme. Finally, we present experiments for all of our proposed schemes and the baseline schemes. Comparisons with related schemes show that our work has some advantages on performance along with more strict security

    On the security of Cubic UOV and its variants

    Get PDF
    The unbalanced oil and vinegar signature scheme (UOV) is one of signature schemes whose public key is a set of multivariate quadratic forms. Recently, a new variant of UOV called Cubic UOV was proposed at Inscrypt 2015. It was claimed that the cubic UOV was more efficient than the original UOV and its security was enough. However, an equivalent secret key of the cubic UOV can be recovered easily. In this note, we describe how to recover it. After we posted the first version of this note, Duong et al. proposed two variants of Cubic UOV at ICISC 2016. We also explain their weakness in the second version

    Weaknesses of cubic UOV and its variants

    Get PDF
    The unbalanced oil and vinegar signature scheme (UOV) is a signature scheme whose public key is a set of multivariate quadratic forms over a finite field. This -signature scheme has been considered to be secure and efficient enough under suitable parameter selections. However, the key size of UOV is relatively large and then reducing the key size of UOV is an important issue. Recently in Inscrypt 2015, a new variant of UOV called Cubic UOV was proposed, and in ICISC 2016, two variants of Cubic UOV called CSSv and SVSv were proposed. It has been claimed that these variants were more efficient than the original UOV and were secure enough. However, the security analyses of these schemes were not enough and they can be broken easily. In the present paper, we describe the weaknesses of these schemes

    Under Quantum Computer Attack: Is Rainbow a Replacement of RSA and Elliptic Curves on Hardware?

    Get PDF
    Among cryptographic systems, multivariate signature is one of the most popular candidates since it has the potential to resist quantum computer attacks. Rainbow belongs to the multivariate signature, which can be viewed as a multilayer unbalanced Oil-Vinegar system. In this paper, we present techniques to exploit Rainbow signature on hardware meeting the requirements of efficient high-performance applications. We propose a general architecture for efficient hardware implementations of Rainbow and enhance our design in three directions. First, we present a fast inversion based on binary trees. Second, we present an efficient multiplication based on compact construction in composite fields. Third, we present a parallel solving system of linear equations based on Gauss-Jordan elimination. Via further other minor optimizations and by integrating the major improvement above, we implement our design in composite fields on standard cell CMOS Application Specific Integrated Circuits (ASICs). The experimental results show that our implementation takes 4.9 us and 242 clock cycles to generate a Rainbow signature with the frequency of 50 MHz. Comparison results show that our design is more efficient than the RSA and ECC implementations

    New Directions in Multivariate Public Key Cryptography

    Get PDF
    Most public key cryptosystems used in practice are based on integer factorization or discrete logarithms (in finite fields or elliptic curves). However, these systems suffer from two potential drawbacks. First, they must use large keys to maintain security, resulting in decreased efficiency. Second, if large enough quantum computers can be built, Shor\u27s algorithm will render them completely insecure. Multivariate public key cryptosystems (MPKC) are one possible alternative. MPKC makes use of the fact that solving multivariate polynomial systems over a finite field is an NP-complete problem, for which it is not known whether there is a polynomial algorithm on quantum computers. The main goal of this work is to show how to use new mathematical structures, specifically polynomial identities from algebraic geometry, to construct new multivariate public key cryptosystems. We begin with a basic overview of MPKC and present several significant cryptosystems that have been proposed. We also examine in detail some of the most powerful attacks against MPKCs. We propose a new framework for constructing multivariate public key cryptosystems and consider several strategies for constructing polynomial identities that can be utilized by the framework. In particular, we have discovered several new families of polynomial identities. Finally, we propose our new cryptosystem and give parameters for which it is secure against known attacks on MPKCs

    One vector to rule them all: Key recovery from one vector in UOV schemes

    Get PDF
    Unbalanced Oil and Vinegar is a multivariate signature scheme that was introduced in 1999. Most multivariate candidates for signature schemes at NIST\u27s PQC standardization process are either based on UOV or closely related to it. The UOV trapdoor is a secret subspace, the oil subspace . We show how to recover an equivalent secret key from the knowledge of a single vector in the oil subspace in any characteristic. The reconciliation attack was sped-up by adding some bilinear equations in the subsequent computations, and able to conclude after two vectors were found. We show here that these bilinear equations contain enough information to dismiss the quadratic equations and retrieve the secret subspace with linear algebra for practical parametrizations of UOV, in at most 15 seconds for modern instanciations of UOV. This proves that the security of the UOV scheme lies in the complexity of finding exactly one vector in the oil space. In addition, we deduce a key recovery attack from any forgery attack by applying a corollary of our main result. We show how to extend this result to schemes related to UOV, such as MAYO and VOX

    FPGA implementation of post-quantum DME cryptosystem

    Get PDF
    The rapid development of quantum computing constitutes a significant threat to modern Public-Key Cryptography (PKC). The use of Shor's algorithm with potential powerful quantum computers could easily break the two most widely used public key cryptosystems, namely, RSA and Elliptic Curve Cryptography (ECC), based on integer factorization and discrete logarithm problems. For this reason, Post-Quantum Cryptography (PQC) based on alternative mathematical features has become a fundamental research topic due to its resistance against quantum computers. The National Institute of Standards and Technology (NIST) has even opened a call for proposals of quantum-resistant PKC algorithms in order to standardize one or more PQC algorithms. Cryptographic systems that appear to be extremely difficult to break with large quantum computers are hash -based cryptography, lattice -based cryptography, code -based cryptography, and multivariate -quadratic cryptography. Furthermore, efficient hardware implementations are highly required for these alternative quantum -resistant cryptosystems

    Cryptanalysis of The Lifted Unbalanced Oil Vinegar Signature Scheme

    Get PDF
    In 2017, Ward Beullens \textit{et al.} submitted Lifted Unbalanced Oil and Vinegar (LUOV)\cite{beullens2017field}, a signature scheme based on the famous multivariate public key cryptosystem (MPKC) called Unbalanced Oil and Vinegar (UOV), to NIST for the competition for post-quantum public key scheme standardization. The defining feature of LUOV is that, though the public key P\mathcal{P} works in the extension field of degree rr of F2\mathbb{F}_2, the coefficients of P\mathcal{P} come from F2\mathbb{F}_2. This is done to significantly reduce the size of P\mathcal{P}. The LUOV scheme is now in the second round of the NIST PQC standardization process. In this paper we introduce a new attack on LUOV. It exploits the lifted structure of LUOV to reduce direct attacks on it to those over a subfield. We show that this reduces the complexity below the targeted security for the NIST post-quantum standardization competition

    The Nested Subset Differential Attack: A Practical Direct Attack Against LUOV which Forges a Signature within 210 Minutes

    Get PDF
    In 2017, Ward Beullenset al.submitted Lifted Unbalanced Oil andVinegar, which is a modification to the Unbalanced Oil and Vinegar Schemeby Patarin. Previously, Dinget al.proposed the Subfield Differential Attack which prompted a change of parameters by the authors of LUOV for the sec-ond round of the NIST post quantum standardization competition. In this paper we propose a modification to the Subfield Differential Attack called the Nested Subset Differential Attack which fully breaks half of the pa-rameter sets put forward. We also show by experimentation that this attack ispractically possible to do in under 210 minutes for the level I security param-eters and not just a theoretical attack. The Nested Subset Differential attack isa large improvement of the Subfield differential attack which can be used inreal world circumstances. Moreover, we will only use what is called the lifted structure of LUOV, and our attack can be thought as a development of solving lifted quadratic systems
    corecore