Security Analysis of Improved Cubic UOV Signature Schemes

Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10779)

Abstract

At ICISC 2016, Duong et al. proposed two signature schemes based on multivariate quadratic equations, CSSv and SVSv, obtained by improving the security of the cubic UOV against Hashimoto's attack. They claimed that the schemes were secure against all known attacks. We show that the schemes are insecure against a key recovery attack using good keys and against HighRank attacks. From a practical point of view, we are able to break their parameter set at the 128-bit security level in 2 min by using the HighRank attack.

Keywords

Equivalent key; Key recovery attack using good keys; Multivariate-quadratic scheme; HighRank attack

References

1. Bettale, L., Faugère, J.C., Perret, L.: Solving polynomial systems over finite fields: improved analysis of the hybrid approach. In: ISSAC 2012, pp. 67–74. ACM (2012)
2. Ding, J., Schmidt, D.: Rainbow, a new multivariable polynomial signature scheme. In: Ioannidis, J., Keromytis, A., Yung, M. (eds.) ACNS 2005. LNCS, vol. 3531, pp. 164–175. Springer, Heidelberg (2005). https://doi.org/10.1007/11496137_12
3. Duong, D.H., Petzoldt, T.A., Wang, Y., Takagi, T.: Revisiting the Cubic UOV signature scheme. Cryptology ePrint Archive: Report 2016/1079
4. Duong, D.H., Petzoldt, A., Wang, Y., Takagi, T.: Revisiting the Cubic UOV signature scheme. In: Hong, S., Park, J.H. (eds.) ICISC 2016. LNCS, vol. 10157, pp. 223–238. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-53177-9_12
5. Faugère, J.C.: A new efficient algorithm for computing Gröbner bases (F4). J. Pure Appl. Algebra 139, 61–88 (1999)
6. Faugère, J.-C., Gligoroski, D., Perret, L., Samardjiska, S., Thomae, E.: A polynomial-time key-recovery attack on MQQ cryptosystems. In: Katz, J. (ed.) PKC 2015. LNCS, vol. 9020, pp. 150–174. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-46447-2_7
7. Hashimoto, Y.: On the security of Cubic UOV. IACR ePrint Archive. http://eprint.iacr.org/2016/788
8. Kipnis, A., Patarin, J., Goubin, L.: Unbalanced oil and vinegar signature schemes. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 206–222. Springer, Heidelberg (1999). https://doi.org/10.1007/3-540-48910-X_15
9. Matsumoto, T., Imai, H.: Public quadratic polynomial-tuples for efficient signature-verification and message-encryption. In: Barstow, D., et al. (eds.) EUROCRYPT 1988. LNCS, vol. 330, pp. 419–453. Springer, Heidelberg (1988). https://doi.org/10.1007/3-540-45961-8_39
10. Nie, X., Liu, B., Xiong, H., Lu, G.: Cubic unbalance oil and vinegar signature scheme. In: Lin, D., Wang, X.F., Yung, M. (eds.) Inscrypt 2015. LNCS, vol. 9589, pp. 47–56. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-38898-4_3
11. Patarin, J., Courtois, N., Goubin, L.: QUARTZ, 128-bit long digital signatures. In: Naccache, D. (ed.) CT-RSA 2001. LNCS, vol. 2020, pp. 282–297. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-45353-9_21
12. Petzoldt, A., Chen, M.-S., Yang, B.-Y., Tao, C., Ding, J.: Design principles for HFEv-based multivariate signature schemes. In: Iwata, T., Cheon, J.H. (eds.) ASIACRYPT 2015 Part I. LNCS, vol. 9452, pp. 311–334. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-48797-6_14
13. Shor, P.W.: Polynomial-time algorithms for prime factorization and discrete logarithms on a quantum computer. SIAM J. Comput. 26, 1484–1509 (1997)
14. Thomae, E.: A generalization of the rainbow band separation attack and its applications to multivariate schemes. IACR Cryptology ePrint Archive (2012). http://eprint.iacr.org/2012/223
15. Thomae, E.: About the security of multivariate quadratic public key schemes. Dissertation thesis by Dipl. math. E. Thomae, RUB (2013)
16. Wolf, C., Preneel, B.: Large superfluous keys in \(\cal{M}\)ultivariate \(\cal{Q}\)uadratic asymmetric systems. In: Vaudenay, S. (ed.) PKC 2005. LNCS, vol. 3386, pp. 275–287. Springer, Heidelberg (2005). https://doi.org/10.1007/978-3-540-30580-4_19
17. Yang, B.-Y., Chen, J.-M.: Building secure tame-like multivariate public-key cryptosystems: the new TTS. In: Boyd, C., González Nieto, J.M. (eds.) ACISP 2005. LNCS, vol. 3574, pp. 518–531. Springer, Heidelberg (2005). https://doi.org/10.1007/11506157_43
18. Yasuda, T., Ding, J., Takagi, T., Sakurai, K.: A variant of rainbow with shorter secret key and faster signature generation. In: AsiaPKC, pp. 57–62 (2013)

Copyright information

© Springer International Publishing AG, part of Springer Nature 2018

Authors and Affiliations

1. Division of Integrated Mathematics, National Institute for Mathematical Sciences, Daejeon, Republic of Korea