Multivariate cryptography
Multivariate cryptography is the generic term for asymmetric cryptographic primitives based on multivariate polynomials over a finite field . In certain cases those polynomials could be defined over both a ground and an extension
History
Tsutomu Matsumoto and
In addition to HFE, Patarin developed other schemes. In 1997 he presented “Balanced Oil & Vinegar” and in 1999 “
Construction
Multivariate Quadratics involves a public and a private key. The private key consists of two affine transformations, S and T, and an easy to invert quadratic map . We denote the matrix of the affine endomorphisms by and the shift vector by and similarly for . In other words,
- and
- .
The triple is the private key, also known as the trapdoor. The public key is the composition which is by assumption hard to invert without the knowledge of the trapdoor.
Signature
Signatures are generated using the private key and are verified using the public key as follows. The message is hashed to a vector in via a known hash function. The signature is
- .
The receiver of the signed document must possess the public key P. The receiver computes the hash and checks that the signature fulfils .
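The construction and signature steps above, as an added toy example that is not part of the original article: signing inverts the three private maps in turn, and verification evaluates the public map on the signature and compares it with the message hash. Assumptions: the public map is taken to be the composition S ∘ F ∘ T (the article's own formula did not survive in this copy), the field is GF(31) with three variables, and the central map F is a triangular quadratic map picked only because it inverts easily; the names, matrices and parameters are constructed for illustration and are far too weak for real use.

```python
import hashlib

P_MOD = 31  # toy prime field GF(31); an assumption of this example
N = 3       # number of variables and equations

def affine(M, v, x):
    """Apply the affine map x -> M*x + v over GF(P_MOD)."""
    return [(sum(M[i][j] * x[j] for j in range(N)) + v[i]) % P_MOD for i in range(N)]

def affine_inv(M, v, y):
    """Solve M*x + v = y by Gauss-Jordan elimination mod P_MOD."""
    A = [row[:] + [(y[i] - v[i]) % P_MOD] for i, row in enumerate(M)]
    for c in range(N):
        piv = next(r for r in range(c, N) if A[r][c] % P_MOD)
        A[c], A[piv] = A[piv], A[c]
        inv = pow(A[c][c], -1, P_MOD)
        A[c] = [a * inv % P_MOD for a in A[c]]
        for r in range(N):
            if r != c:
                f = A[r][c]
                A[r] = [(a - f * b) % P_MOD for a, b in zip(A[r], A[c])]
    return [A[i][N] for i in range(N)]

def central(x):
    """Hypothetical central map F: triangular, so each coordinate peels off in order."""
    return [x[0] % P_MOD, (x[1] + x[0] * x[0]) % P_MOD, (x[2] + x[0] * x[1]) % P_MOD]

def central_inv(y):
    x1 = (y[1] - y[0] * y[0]) % P_MOD
    return [y[0], x1, (y[2] - y[0] * x1) % P_MOD]

# Constructed private key (S, F, T): (matrix, shift) pairs, both invertible mod 31.
S = ([[1, 2, 3], [0, 1, 4], [5, 6, 0]], [7, 8, 9])
T = ([[2, 0, 1], [1, 3, 0], [0, 1, 1]], [1, 2, 3])

def public_map(x):
    """P = S o F o T. A real public key publishes P's expanded coefficients instead."""
    return affine(*S, central(affine(*T, x)))

def hash_to_vector(msg):
    return [b % P_MOD for b in hashlib.sha256(msg).digest()[:N]]

def sign(msg):
    """Signature x = T^-1(F^-1(S^-1(y))) for y = hash(msg); needs the trapdoor."""
    return affine_inv(*T, central_inv(affine_inv(*S, hash_to_vector(msg))))

def verify(msg, sig):
    """Accept if and only if P(sig) equals the hash vector of msg."""
    return public_map(sig) == hash_to_vector(msg)
```

Here `public_map` evaluates the composition through the private parts for brevity; a verifier in a deployed scheme would hold only the expanded quadratic polynomials of P.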
Applications
- Unbalanced Oil and Vinegar
- Hidden Field Equations
- SFLASH by NESSIE
- Rainbow
- TTS
- QUARTZ
- QUAD (cipher)
- Four multivariate cryptography signature schemes (GeMMS, LUOV, Rainbow and MQDSS) have made their way into the 2nd round of the NIST post-quantum competition: see slide 12 of the report.[2]
References
- OCLC 4195125.
- Moody, Dustin. "The 2nd Round of the NIST PQC Standardization Process". NIST. Retrieved 11 October 2020.
- [BFP13] L. Bettale, Jean-Charles Faugère, and L. Perret, Cryptanalysis of HFE, Multi-HFE and Variants for Odd and Even Characteristic. DCC'13
- [FJ03] Jean-Charles Faugère and A. Joux, Algebraic Cryptanalysis of Hidden Field Equation (HFE) Cryptosystems Using Gröbner Bases. CRYPTO'03
- [GJS06] L. Granboulan, Antoine Joux, J. Stern: Inverting HFE Is Quasipolynomial. CRYPTO'06.
- Kipnis, Aviad; Shamir, Adi (1999). "Cryptanalysis of the HFE Public Key Cryptosystem by Relinearization". Advances in Cryptology – CRYPTO' 99. Berlin, Heidelberg: Springer. MR 1729291.
- Kipnis, Aviad; Patarin, Jacques; Goubin, Louis (1999). "Unbalanced Oil and Vinegar Signature Schemes" (PDF). In Jacques Stern (ed.). Advances in Cryptology – CRYPTO' 99. Eurocrypt'99. Springer. MR 1717470.
- Matsumoto, Tsutomu; MR 0994679.
- Patarin, Jacques (1995). "Cryptanalysis of the Matsumoto and Imai Public Key Scheme of Eurocrypt'88". Advances in Cryptology – CRYPT0' 95. Lecture Notes in Computer Science. Vol. 963. Berlin, Heidelberg: Springer. pp. 248–261. MR 1445572.
- [P96] Jacques Patarin, Hidden Field Equations (HFE) and Isomorphisms of Polynomials (IP): two new Families of Asymmetric Algorithms (extended version); Eurocrypt '96
- Christopher Wolf and Bart Preneel, Taxonomy of Public Key Schemes based on the problem of Multivariate Quadratic equations; Current Version: 2005-12-15
- An Braeken, Christopher Wolf, and Bart Preneel, A Study of the Security of Unbalanced Oil and Vinegar Signature Schemes, Current Version: 2005-08-06
- Jintai Ding, Research Project: Cryptanalysis on Rainbow and TTS multivariate public key signature scheme
- Jacques Patarin, Nicolas Courtois, Louis Goubin, SFLASH, a fast asymmetric signature scheme for low-cost smartcards. Primitive specification and supporting documentation.
- Bo-Yin Yang, Chen-Mou Cheng, Bor-Rong Chen, and Jiun-Ming Chen, Implementing Minimized Multivariate PKC on Low-Resource Embedded Systems, 2006
- Bo-Yin Yang, Jiun-Ming Chen, and Yen-Hung Chen, TTS: High-Speed Signatures on a Low-Cost Smart Card, 2004
- Nicolas T. Courtois, Short Signatures, Provable Security, Generic Attacks and Computational Security of Multivariate Polynomial Schemes such as HFE, Quartz and Sflash, 2005
- Alfred J. Menezes, Paul C. van Oorschot, and Scott A. Vanstone, Handbook of Applied Cryptography, 1997