Linear Recurring Sequences for the UOV Key Generation
Multivariate public key cryptography is one of the main approaches to guarantee the security of communication in the post-quantum world. Due to its high efficiency and modest computational requirements, multivariate cryptography seems especially appropriate for signature schemes on low cost devices. However, multivariate schemes are not much used yet, mainly because of the large size of their public keys. In [PB10] Petzoldt et al. presented an idea how to create a multivariate signature scheme with a partially cyclic public key based on the UOV scheme of Kipnis and Patarin [KP99]. In this paper we use their idea to create a multivariate signature scheme whose public key is mainly given by a linear recurring sequence (LRS). By doing so, we are able to reduce the size of the public key by up to 86 %. Moreover, we get a public key with good statistical properties.
KeywordsMultivariate Cryptography UOV Signature Scheme Key Size Reduction Linear Recurring Sequences
- [KP99]Kipnis, A., Patarin, J., Goubin, L.: Unbalanced Oil and Vinegar Signature Schemes. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 206–222. Springer, Heidelberg (1999)Google Scholar
- [KS98]Kipnis, A., Shamir, A.: Cryptanalysis of the Oil & Vinegar Signature Scheme. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 257–266. Springer, Heidelberg (1998)Google Scholar
- [Pa97]Patarin, J.: The oil and vinegar signature scheme, presented at the Dagstuhl Workshop on Cryptography (September 1997)Google Scholar
- [PB10]Petzoldt, A., Bulygin, S., Buchmann, J.: A Multivariate Signature Scheme with a partially cyclic public key. In: Proceedings of SCC, pp. 229–235 (2010)Google Scholar
- [Sh97]Shor, P.: Polynomial-Time Algorithms for Prime Factorization and Discrete Logarithms on a Quantum Computer. SIAM J. Comput. 26(5), 1484–1509Google Scholar