On the Differential Security of the HFEv- Signature Primitive

  • Ryann Cartor
  • Ryan Gipson
  • Daniel Smith-Tone
  • Jeremy Vates
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9606)


Multivariate Public Key Cryptography (MPKC) is one of the most attractive post-quantum options for digital signatures in a wide array of applications. The history of multivariate signature schemes is tumultuous, however, and solid security arguments are required to inspire faith in the schemes and to verify their security against yet undiscovered attacks. The effectiveness of “differential attacks” on various field-based systems has prompted the investigation of the resistance of schemes against differential adversaries. Due to its prominence in the area and the recent optimization of its parameters, we prove the security of \(HFEv^-\) against differential adversaries. We investigate the newly suggested parameters and conclude that the proposed scheme is secure against all known attacks and against any differential adversary.


Keywords: Multivariate cryptography, HFEv-, Discrete differential, MinRank, Q-rank



Copyright information

© Springer International Publishing Switzerland 2016

Authors and Affiliations

  • Ryann Cartor (1)
  • Ryan Gipson (1)
  • Daniel Smith-Tone (1, 2)
  • Jeremy Vates (1)

  1. Department of Mathematics, University of Louisville, Louisville, USA
  2. National Institute of Standards and Technology, Gaithersburg, USA
