An Ultra-Fast and Provably CMA Resistant Digital Signature Scheme
  • Danilo Gligoroski
  • Rune Steinsmo Ødegård
  • Rune Erlend Jensen
  • Ludovic Perret
  • Jean-Charles Faugère
  • Svein Johan Knapskog
  • Smile Markovski
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7222)


We present MQQ-SIG, a signature scheme based on “Multivariate Quadratic Quasigroups”. The MQQ-SIG signature scheme has a public key consisting of \(\frac{n}{2}\) quadratic polynomials in n variables where n = 160, 192, 224 or 256. Under the assumption that solving systems of \(\frac{n}{2}\) MQQ’s equations in n variables is as hard as solving systems of random quadratic equations, we prove that in the random oracle model our signature scheme is CMA (Chosen-Message Attack) resistant.

From efficiency point of view, the signing and verification processes of MQQ-SIG are three orders of magnitude faster than RSA or ECDSA. Compared with other MQ signing schemes, MQQ-SIG has both advantages and disadvantages. Advantages are that it has more than three times smaller private keys (from 401 to 593 bytes), and the signing process is an order of magnitude faster than other MQ schemes. That makes it very suitable for implementation in smart cards and other embedded systems. However, MQQ-SIG has a big public key (from 125 to 512 Kb) and it is not suitable for systems where the size of the public key has to be small.


Public Key Cryptography Ultra-Fast Public Key Cryptography Multivariate Quadratic Polynomials Quasigroup String Transformations Multivariate Quadratic Quasigroup 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Bardet, M.: Étude des systèmes algébriques surdéterminés. Applications aux codes correcteurs et à la cryptographie. PhD thesis, Université de Paris VI (2004)Google Scholar
  2. 2.
    Bardet, M., Faugère, J.-C., Salvy, B.: Complexity study of Gröbner basis computation. Technical report, INRIA (2002),
  3. 3.
    Bardet, M., Faugère, J.-C., Salvy, B.: On the complexity of Gröbner basis computation of semi-regular overdetermined algebraic equations. In: Proc. International Conference on Polynomial System Solving (ICPSS), pp. 71–75 (2004)Google Scholar
  4. 4.
    Bardet, M., Faugère, J.-C., Salvy, B., Yang, B.-Y.: Asymptotic behaviour of the degree of regularity of semi-regular polynomial systems. In: Proc. of MEGA 2005, Eighth International Symposium on Effective Methods in Algebraic Geometry (2005)Google Scholar
  5. 5.
    Belousov, V.D.: Osnovi teorii kvazigrup i lup, Nauka, Moscow (1967) (in russian)Google Scholar
  6. 6.
    Bernstein, D.J., Lange, T. (eds.): eBACS: ECRYPT benchmarking of cryptographic systems (accessed January 12, 2011)Google Scholar
  7. 7.
    Bettale, L., Faugère, J.-C., Perret, L.: Hybrid approach for solving multivariate systems over finite fields. Journal of Mathematical Cryptology 3(3), 177–197 (2009)MathSciNetzbMATHCrossRefGoogle Scholar
  8. 8.
    Bettale, L., Faugère, J.-C., Perret, L.: Cryptanalysis of Multivariate and Odd-Characteristic HFE Variants. In: Catalano, D., Fazio, N., Gennaro, R., Nicolosi, A. (eds.) PKC 2011. LNCS, vol. 6571, pp. 441–458. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  9. 9.
    Bouillaguet, C., Faugère, J.-C., Fouque, P.-A., Perret, L.: Practical Cryptanalysis of the Identification Scheme Based on the Isomorphism of Polynomial with One Secret Problem. In: Catalano, D., Fazio, N., Gennaro, R., Nicolosi, A. (eds.) PKC 2011. LNCS, vol. 6571, pp. 473–493. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  10. 10.
    Chen, Y., Knapskog, S.J., Gligoroski, D.: Multivariate quadratic quasigroups (MQQs): Construction, bounds and complexity. In: Inscrypt, 6th International Conference on Information Security and Cryptology. Science Press of China (October 2010)Google Scholar
  11. 11.
    Davis, P.J.: CirculantMatrices. AMS Chelsea Publishing (1994)Google Scholar
  12. 12.
    Denes, J., Keedwell, A.D.: Latin squares and their applications. Academic Press, New York (1974)zbMATHGoogle Scholar
  13. 13.
    Ding, J., Wolf, C., Yang, B.-Y.: -Invertible Cycles for Ultivariate Uadratic (q) Public Key Cryptography. In: Okamoto, T., Wang, X. (eds.) PKC 2007. LNCS, vol. 4450, pp. 266–281. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  14. 14.
    Ding, J., Yang, B.-Y., Chen, C.-H.O., Chen, M.-S., Cheng, C.-M.: New Differential-Algebraic Attacks and Reparametrization of Rainbow. In: Bellovin, S.M., Gennaro, R., Keromytis, A.D., Yung, M. (eds.) ACNS 2008. LNCS, vol. 5037, pp. 242–257. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  15. 15.
    Faugère, J.C., Gianni, P., Lazard, D., Mora, T.: Efficient computation of zero-dimensional Gröbner bases by change of ordering. J. Symb. Comput. 16, 329–344 (1993)zbMATHCrossRefGoogle Scholar
  16. 16.
    Faugere, J.-C.: A new efficient algorithm for computing Gröbner basis, F4 (2000),
  17. 17.
    Faugère, J.-C., Ødegård, R.S., Perret, L., Gligoroski, D.: Analysis of the MQQ Public Key Cryptosystem. In: Heng, S.-H., Wright, R.N., Goi, B.-M. (eds.) CANS 2010. LNCS, vol. 6467, pp. 169–183. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  18. 18.
    Faugère, J.-C., Perret, L.: Polynomial Equivalence Problems: Algorithmic and Theoretical Aspects. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 30–47. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  19. 19.
    Fouque, P.-A., Granboulan, L., Stern, J.: Differential Cryptanalysis for Multivariate Schemes. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 341–353. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  20. 20.
    Garey, M.R., Johnson, D.S.: Computers and Intractability. A guide to the theory of NP-Completeness. Bell Telephone Laberatories, Incoperated (1979)Google Scholar
  21. 21.
    Gligoroski, D., Markovski, S., Knapskog, S.J.: Public key block cipher based on multivariate quadratic quasigroups. Cryptology ePrint Archive, Report 2008/320Google Scholar
  22. 22.
    Gligoroski, D., Markovski, S., Knapskog, S.J.: Multivariate quadratic trapdoor functions based on multivariate quadratic quasigroups. In: MATH 2008: Proceedings of the American Conference on Applied Mathematics, pp. 44–49. World Scientific and Engineering Academy and Society (WSEAS), Stevens Point (2008)Google Scholar
  23. 23.
    Goubin, L., Courtois, N.T.: Cryptanalysis of the TTM Cryptosystem. In: Okamoto, T. (ed.) ASIACRYPT 2000. LNCS, vol. 1976, pp. 44–57. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  24. 24.
    Goubin, L., Courtois, N.T., Schlumbergersema, C.: Cryptanalysis of the TTM Cryptosystem. In: Okamoto, T. (ed.) ASIACRYPT 2000. LNCS, vol. 1976, pp. 44–57. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  25. 25.
    Imai, H., Matsumoto, T.: Algebraic Methods for Constructing Asymmetric Cryptosystems. In: Calmet, J. (ed.) AAECC-3. LNCS, vol. 229, pp. 108–119. Springer, Heidelberg (1986)Google Scholar
  26. 26.
    Kasahara, M., Sakai, R.: A construction of public key cryptosystem for realizing ciphertext of size 100 bit and digital signature scheme. IEICE Transactions 87-A(1), 102–109 (2004)Google Scholar
  27. 27.
    Katz, J.: Digital Signatures. Springer (2010)Google Scholar
  28. 28.
    Kipnis, A., Shamir, A.: Cryptanalysis of the HFE Public Key Cryptosystem by Relinearization. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 19–30. Springer, Heidelberg (1999)Google Scholar
  29. 29.
    Koblitz, N.: Elliptic Curve Cryptosystems. Mathematics of Computation 48(177), 203–209 (1987)MathSciNetzbMATHCrossRefGoogle Scholar
  30. 30.
    MAGMA. High performance software for algebra, number theory, and geometry — a large commercial software package,
  31. 31.
    Matsumoto, T., Imai, H.: Public Quadratic Polynomial-Tuples for Efficient Signature-Verification and Message-Encryption. In: Günther, C.G. (ed.) EUROCRYPT 1988. LNCS, vol. 330, pp. 419–453. Springer, Heidelberg (1988)Google Scholar
  32. 32.
    Miller, V.S.: Use of Elliptic Curves in Cryptography. In: Williams, H.C. (ed.) CRYPTO 1985. LNCS, vol. 218, pp. 417–426. Springer, Heidelberg (1986)Google Scholar
  33. 33.
    Moh, T.: A public key system with signature and master key functions. Communications in Algebra (1999)Google Scholar
  34. 34.
    Moh, T.: A public key system with signature and master key functions (1999)Google Scholar
  35. 35.
    Mohamed, M.S.E., Ding, J., Buchmann, J., Werner, F.: Algebraic Attack on the MQQ Public Key Cryptosystem. In: Garay, J.A., Miyaji, A., Otsuka, A. (eds.) CANS 2009. LNCS, vol. 5888, pp. 392–401. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  36. 36.
    Patarin, J.: Hidden Fields Equations (HFE) and Isomorphisms of Polynomials (IP): Two New Families of Asymmetric Algorithms. In: Maurer, U.M. (ed.) EUROCRYPT 1996. LNCS, vol. 1070, pp. 33–48. Springer, Heidelberg (1996)Google Scholar
  37. 37.
    Patarin, J.: Cryptanalysis of the Matsumoto and Imai public key scheme of Eurocrypt 98. Des. Codes Cryptography 20, 175–209 (2000)MathSciNetzbMATHCrossRefGoogle Scholar
  38. 38.
    Perret, L.: A Fast Cryptanalysis of the Isomorphism of Polynomials with One Secret Problem. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 354–370. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  39. 39.
    Perret, L.: Personal e-mail communication with Danilo Gligoroski (2008)Google Scholar
  40. 40.
    Petzoldt, A., Bulygin, S., Buchmann, J.: Cyclicrainbow - a multivariate signature scheme with a partially cyclic public key based on rainbow. Cryptology ePrint Archive, Report 2010/424 (2010),
  41. 41.
    Rivest, R.L., Shamir, A., Adleman, L.: A method for obtaining digital signatures and public-key cryptosystems. Communications of the ACM 21, 120–126 (1978)MathSciNetzbMATHCrossRefGoogle Scholar
  42. 42.
    Samardjiska, S., Markovski, S., Gligoroski, D.: Multivariate quasigroups defined by t-functions. In: Proceedings of SCC 2010 - The 2nd International Conference on Symbolic Computation and Cryptography (2010)Google Scholar
  43. 43.
    Samardjiska, S., Chen, Y., Gligoroski, D.: Construction of multivariate quadratic quasigroups (mqqs) in arbitrary galois fields. In: Proceedings of the International Conference on Information Assurance and Security (IAS) 2011, Malacca, Malaysia (2011)Google Scholar
  44. 44.
    Shamir, A.: Efficient Signature Schemes Based on Birational Permutations. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 1–12. Springer, Heidelberg (1994)Google Scholar
  45. 45.
    Shamir, A.: Efficient Signature Schemes Based on Birational Permutations. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 1–12. Springer, Heidelberg (1994)Google Scholar
  46. 46.
    Singh, R.P., Sarma, B.K., Saikia, A.: Public key cryptography using permutation p-polynomials over finite fields. Cryptology ePrint Archive, Report 2009/208 (2009),
  47. 47.
    Smith, J.D.H.: An introduction to quasigroups and their representations. Chapman & Hall/CRC (2007)Google Scholar
  48. 48.
    Wolf, C., Braeken, A., Preneel, B.: On the security of stepwise triangular systems. Des. Codes Cryptography 40, 285–302 (2006)MathSciNetzbMATHCrossRefGoogle Scholar
  49. 49.
    Wolf, C., Preneel, B.: Taxonomy of public key schemes based on the problem of multivariate quadratic equations. Cryptology ePrint Archive, Report 2005/077 (2005)Google Scholar
  50. 50.
    Yang, B.-Y., Chen, J.-M.: Building Secure Tame-like Multivariate Public-Key Cryptosystems: The New TTS. In: Boyd, C., González Nieto, J.M. (eds.) ACISP 2005. LNCS, vol. 3574, pp. 518–531. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  51. 51.
    Yang, B.-Y., Cheng, C.-M., Chen, B.-R., Chen, J.-M.: Implementing Minimized Multivariate PKC on Low-Resource Embedded Systems. In: Clark, J.A., Paige, R.F., Polack, F.A.C., Brooke, P.J. (eds.) SPC 2006. LNCS, vol. 3934, pp. 73–88. Springer, Heidelberg (2006)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Danilo Gligoroski
    • 1
  • Rune Steinsmo Ødegård
    • 2
  • Rune Erlend Jensen
    • 2
  • Ludovic Perret
    • 3
    • 4
  • Jean-Charles Faugère
    • 3
    • 4
  • Svein Johan Knapskog
    • 2
  • Smile Markovski
    • 5
  1. 1.Department of TelematicsThe Norwegian University of Science and Technology (NTNU)TrondheimNorway
  2. 2.Centre for Quantifiable Quality of Service in Communication SystemsNTNUTrondheimNorway
  3. 3.INRIA, Paris-Rocquencourt Center, SALSA ProjectUPMC Univ. Paris 06, UMR 7606, LIP6ParisFrance
  4. 4.CNRS, UMR 7606, LIP6ParisFrance
  5. 5.Faculty of Natural Sciences and Mathematics, Institute of Informatics“Ss Cyril and Methodius” UniversitySkopjeMacedonia

Personalised recommendations