Tractable Rational Map Signature

  • Lih-Chung Wang
  • Yuh-Hua Hu
  • Feipei Lai
  • Chun-Yen Chou
  • Bo-Yin Yang
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3386)


Digital signature schemes are crucial for applications in electronic commerce. The effectiveness and security of a digital signature scheme rely on its underlying public key cryptosystem. Trapdoor functions are central to public key cryptosystems. However, the modular exponentiation for RSA or the discrete logarithms for ElGamal/DSA/ECC, as the choice of the trapdoor functions, are relatively slow in performance. Some multivariate schemes has potentially much higher performance than other public key cryptosystems. We present a new multivariate digital signature scheme (TRMS) based on tractable rational maps. We also give some security analysis and some actual implementation data in comparison to some other signature schemes.


multivariate public key digital signature finite field tractable rational maps 


  1. 1.
    Ars, G., Faugeére, J.-C.: Comparison of XL and Gröbner Bases Algorithms over Finite Fields, preprint. Will appear as one half of an article at Asiacrypt 2004 and LNCS (2004)Google Scholar
  2. 2.
    Bardet, M., Faugére, J.-C., Salvy, B.: Complexity of Gröbner Basis Computations for Regular Overdetermined Systems, INRIA Rapport de Recherche No. 5049; a slightly modified preprint is accepted by the International Conference on Polynomial System SolvingGoogle Scholar
  3. 3.
    Bardet, M., Faugére, J.-C., Salvy, B., Yang, B.-Y.: Asymptotic Complexity of Gröbner Basis Algorithms for Semi-regular Overdetermined Systems over Large Fields, manuscript in preparationGoogle Scholar
  4. 4.
    Chen, J.-M., Yang, B.-Y.: Tame Transformations Signatures With Topsy-Turvy Hashes. In: Proc. IWAP, Taipei (2002)Google Scholar
  5. 5.
    Chen, J.-M., Yang, B.-Y.: A More Secure and Efficacious TTS Scheme. In: Lim, J.-I., Lee, D.-H. (eds.) ICISC 2003. LNCS, vol. 2971, pp. 320–338. Springer, Heidelberg (2004); full version at Scholar
  6. 6.
    Coppersmith, D., Stern, J., Vaudenay, S.: Attacks on the birational permutation signature schemes. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 435–443. Springer, Heidelberg (1994)Google Scholar
  7. 7.
    Courtois, N.T., Goubin, L., Meier, W., Tacier, J.-D.: Solving underdefined systems of multivariate quadratic equations. In: Naccache, D., Paillier, P. (eds.) PKC 2002. LNCS, vol. 2274, pp. 211–227. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  8. 8.
    Courtois, N.: Generic attacks and the security of quartz. In: Desmedt, Y.G. (ed.) PKC 2003. LNCS, vol. 2567, pp. 351–364. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  9. 9.
    Courtois, N.: Algebraic Attacks over GF(2k), Cryptanalysis of HFE Challenge 2 and SFLASH v2, accepted for PKC 2004 (2004)Google Scholar
  10. 10.
    Courtois, N.T., Klimov, A.B., Patarin, J., Shamir, A.: Efficient algorithms for solving overdefined systems of multivariate polynomial equations. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 392–407. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  11. 11.
    Courtois, N.T., Patarin, J.: About the XL algorithm over GF(2). In: Joye, M. (ed.) CT-RSA 2003. LNCS, vol. 2612, pp. 141–157. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  12. 12.
    Courtois, N., Goubin, L., Patarin, J.: SFLASH v3, a Fast Asymmetric Signature Scheme, preprintGoogle Scholar
  13. 13.
    Diem, C.: The XL-algorithm and a conjecture from commutative algebra. In: Lee, P.J. (ed.) ASIACRYPT 2004. LNCS, vol. 3329, pp. 323–337. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  14. 14.
    Diffie, W., Hellman, M.: New Directions in Cryptography. IEEE Trans. Info. Theory IT-22(6), 644–654Google Scholar
  15. 15.
    Faugére, J.-C.: A New Efficient Algorithm for Computing Gröbner Bases (F4). Journal of Pure and Applied Algebra 139, 61–88 (1999)MATHCrossRefMathSciNetGoogle Scholar
  16. 16.
    Faugére, J.-C.: A New Efficient Algorithm for Computing Gröbner Bases without Reduction to Zero (F5). In: Proc. ISSAC 2002, pp. 75–83. ACM Press, New York (2002)CrossRefGoogle Scholar
  17. 17.
    Faugère, J.-C., Joux, A.: Algebraic cryptanalysis of hidden field equation (HFE) cryptosystems using gröbner bases. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 44–60. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  18. 18.
    Garey, M., Johnson, D.: Computers and Intractability, A Guide to the Theory of NP-completeness, p. 251 (1979)Google Scholar
  19. 19.
    Geiselmann, W., Steinwandt, R., Beth, T.: Attacking the affine parts of SFLASH. In: Honary, B. (ed.) Cryptography and Coding 2001. LNCS, vol. 2260, pp. 355–359. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  20. 20.
    Geiselmann, W., Steinwandt, R., Beth, T.: Revealing the 441 Key Bits of SFLASH v2. In: Third NESSIE Workshop (2002)Google Scholar
  21. 21.
    Goubin, L., Courtois, N.T.: Cryptanalysis of the TTM cryptosystem. In: Okamoto, T. (ed.) ASIACRYPT 2000. LNCS, vol. 1976, pp. 44–57. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  22. 22.
    Kipnis, A., Shamir, A.: Cryptanalysis of the oil & vinegar signature scheme. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 257–266. Springer, Heidelberg (1998)Google Scholar
  23. 23.
    Kipnis, A., Patarin, J., Goubin, L.: Unbalanced oil and vinegar signature schemes. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 206–222. Springer, Heidelberg (1999)Google Scholar
  24. 24.
    Kipnis, A., Shamir, A.: Cryptanalysis of the HFE public key cryptosystem by relinearization. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 19–30. Springer, Heidelberg (1999)Google Scholar
  25. 25.
    Matsumoto, T., Imai, H.: Public quadratic polynomial-tuples for efficient signature-verification and message-encryption. In: Günther, C.G. (ed.) EUROCRYPT 1988. LNCS, vol. 330, pp. 419–453. Springer, Heidelberg (1988)Google Scholar
  26. 26.
    Moh, T.: A Public Key System with Signature and Master Key Functions. Communications in Algebra 27, 2207–2222 (1999)MATHCrossRefMathSciNetGoogle Scholar
  27. 27.
    Moh, T., Chen, J.-M.: On the Goubin-Courtois Attack on TTM, published electronically by Cryptology ePrint Archive (2001/072)Google Scholar
  28. 28.
    New European Schemes for Signatures, Integrity, and Encryption, project homepage at,
  29. 29.
    Performance of Optimized Implementations of the NESSIE primitives, version 2.0,
  30. 30.
    Patarin, J.: Cryptanalysis of the matsumoto and imai public key scheme of eurocrypt ’88. In: Coppersmith, D. (ed.) CRYPTO 1995. LNCS, vol. 963, pp. 248–261. Springer, Heidelberg (1995)Google Scholar
  31. 31.
    Patarin, J.: Hidden fields equations (HFE) and isomorphisms of polynomials (IP): Two new families of asymmetric algorithms. In: Maurer, U.M. (ed.) EUROCRYPT 1996. LNCS, vol. 1070, pp. 33–48. Springer, Heidelberg (1996)Google Scholar
  32. 32.
    Patarin, J., Goubin, L., Courtois, N.T.: Improved algorithms for isomorphisms of polynomials. In: Nyberg, K. (ed.) EUROCRYPT 1998. LNCS, vol. 1403, pp. 184–200. Springer, Heidelberg (1998)CrossRefGoogle Scholar
  33. 33.
    Patarin, J., Courtois, N.T., Goubin, L.: QUARTZ, 128-bit long digital signatures. In: Naccache, D. (ed.) CT-RSA 2001. LNCS, vol. 2020, pp. 282–297. Springer, Heidelberg (2001); Updated version available at
  34. 34.
    Patarin, J., Courtois, N.T., Goubin, L.: FLASH, a fast multivariate signature algorithm. In: Naccache, D. (ed.) CT-RSA 2001. LNCS, vol. 2020, pp. 298–307. Springer, Heidelberg (2001); Updated version available at
  35. 35.
    Shamir, A., Tromer, E.: Factoring large numbers with the TWIRL device. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 1–26. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  36. 36.
    Wang, L.-C., Chang, F.-H.: Tractable Rational Map Cryptosystem, available at
  37. 37.
    Wolf, C.: Efficient Public Key Generation for Multivariate Cryptosystems, preprint, available at
  38. 38.
    Yang, B.-Y., Chen, J.-M.: Rank Attacks and Defence in Tame-Like Multivariate PKC’s, see
  39. 39.
    Yang, B.-Y., Chen, J.-M.: All in the XL family: Theory and practice. In: Park, C.-s., Chee, S. (eds.) ICISC 2004. LNCS, vol. 3506, pp. 67–86. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  40. 40.
    Yang, B.-Y., Chen, J.-M., Chen, Y.-H.: TTS: High-speed signatures on a low-cost smart card. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 371–385. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  41. 41.
    Yang, B.-Y., Chen, J.-M., Courtois, N.T.: On asymptotic security estimates in XL and gröbner bases-related algebraic cryptanalysis. In: López, J., Qing, S., Okamoto, E. (eds.) ICICS 2004. LNCS, vol. 3269, pp. 401–413. Springer, Heidelberg (2004)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2005

Authors and Affiliations

  • Lih-Chung Wang
    • 1
  • Yuh-Hua Hu
    • 2
  • Feipei Lai
    • 3
  • Chun-Yen Chou
    • 4
  • Bo-Yin Yang
    • 5
  1. 1.Department of Applied MathematicsNational Donghwa UniversityHualienTaiwan
  2. 2.Department of Computer Science and Information EngineeringNational Taiwan UniversityTaipeiTaiwan
  3. 3.Departments of Electrical Engineering &, of Computer Science and Information EngineeringNational Taiwan UniversityTaipeiTaiwan
  4. 4.Department of Mathematical EducationNational Hualien Teachers CollegeHualienTaiwan
  5. 5.Dept. of MathematicsTamkang UniversityTamsuiTaiwan

Personalised recommendations