Time-Area Optimized Public-Key Engines: \(\mathcal{MQ}\)-Cryptosystems as Replacement for Elliptic Curves?

  • Andrey Bogdanov
  • Thomas Eisenbarth
  • Andy Rupp
  • Christopher Wolf
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5154)


This paper investigates ways to efficiently implement public-key schemes based on Multivariate Quadratic polynomials (\(\mathcal{MQ}\)-schemes for short). In particular, such schemes are claimed to resist quantum computer attacks. It is shown that they can have a much better time-area product than elliptic curve cryptosystems: for instance, an optimised FPGA implementation of amended TTS is estimated to be over 50 times more efficient with respect to this parameter. Moreover, a general framework for implementing small-field \(\mathcal{MQ}\)-schemes in hardware is proposed, which includes a systolic architecture performing Gaussian elimination over composite binary fields.
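The core step that the systolic Gaussian-elimination unit mentioned above accelerates is solving a small linear system over a composite binary field during signing in small-field MQ schemes (UOV, Rainbow, amended TTS). The following is an added example, not code from the paper or its authors; it assumes GF(2^8) with the reduction polynomial x^8 + x^4 + x^3 + x + 1 (0x11B), chosen for illustration, and uses Gauss-Jordan elimination with pivoting, returning None on a singular system so that a signer can retry with fresh vinegar values.

```python
# Added example: Gauss-Jordan elimination over GF(2^8), the inner solve of
# small-field MQ signing. Field and reduction polynomial are assumptions.

POLY = 0x11B  # assumed reduction polynomial x^8 + x^4 + x^3 + x + 1

def gf_mul(a, b):
    """Multiply two GF(2^8) elements: shift-and-add with reduction by POLY."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        if a & 0x100:
            a ^= POLY
        b >>= 1
    return r

def gf_inv(a):
    """Inverse via a^(2^8 - 2) = a^254 (square-and-multiply); 0 has none."""
    if a == 0:
        raise ZeroDivisionError("no inverse for 0 in GF(2^8)")
    r, e = 1, 254
    while e:
        if e & 1:
            r = gf_mul(r, a)
        a = gf_mul(a, a)
        e >>= 1
    return r

def solve_gf256(A, b):
    """Solve A x = b over GF(2^8) by Gauss-Jordan with pivoting.
    Returns the solution list, or None if A is singular (an MQ signer
    then discards the vinegar assignment and tries again)."""
    n = len(A)
    M = [row[:] + [bi] for row, bi in zip(A, b)]   # augmented matrix [A | b]
    for col in range(n):
        piv = next((r for r in range(col, n) if M[r][col]), None)
        if piv is None:
            return None                              # no pivot: singular
        M[col], M[piv] = M[piv], M[col]              # bring pivot row up
        inv = gf_inv(M[col][col])
        M[col] = [gf_mul(inv, v) for v in M[col]]    # normalise pivot to 1
        for r in range(n):                           # clear column elsewhere
            if r != col and M[r][col]:
                f = M[r][col]
                M[r] = [v ^ gf_mul(f, p) for v, p in zip(M[r], M[col])]
    return [row[n] for row in M]                     # reduced rhs = solution
```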


Keywords: \(\mathcal{MQ}\)-cryptosystems, ECC, hardware implementation, TA-product, UOV, Rainbow, amended TTS



Copyright information

© Springer-Verlag Berlin Heidelberg 2008

Authors and Affiliations

  • Andrey Bogdanov, Thomas Eisenbarth, Andy Rupp, Christopher Wolf: Horst Görtz Institute for IT-Security, Ruhr-University Bochum, Germany
