On Provable Security of UOV and HFE Signature Schemes against Chosen-Message Attack

  • Koichi Sakumoto
  • Taizo Shirai
  • Harunaga Hiwatari
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7071)

Abstract

The multivariate public key cryptosystem (MPKC) is considered to be one of the candidates for post-quantum cryptography. The Unbalanced Oil-Vinegar (UOV) scheme and the Hidden Field Equation (HFE) scheme are well-known schemes in MPKC. However, little attention has been given to provable security for these schemes. In this paper, we study the provable security of the UOV and the HFE signature schemes in the sense of existential unforgeability against adaptive chosen-message attack (EUF-CMA). Concretely, we show that the usual security proof for the Full-Domain Hash scheme cannot be applied directly to the UOV and the HFE signature schemes. However, we show that the UOV and the HFE signature schemes can be modified into ones achieving EUF-CMA in the random oracle model, without changing either underlying trapdoor function.

Keywords

signature scheme, MPKC, multivariate distribution, UOV, HFE, provable security

References

  1. Bellare, M., Rogaway, P.: Random Oracles are Practical: A Paradigm for Designing Efficient Protocols. In: ACM Conference on Computer and Communications Security, pp. 62–73 (1993)
  2. Bellare, M., Rogaway, P.: The Exact Security of Digital Signatures - How to Sign with RSA and Rabin. In: Maurer [21], pp. 399–416
  3. Bernstein, D.J., Buchmann, J., Dahmen, E.: Post-Quantum Cryptography. Springer, Heidelberg (2009)
  4. Bogdanov, A., Eisenbarth, T., Rupp, A., Wolf, C.: Time-Area Optimized Public-Key Engines: Cryptosystems as Replacement for Elliptic Curves? In: Oswald, E., Rohatgi, P. (eds.) CHES 2008. LNCS, vol. 5154, pp. 45–61. Springer, Heidelberg (2008)
  5. Braeken, A., Wolf, C., Preneel, B.: A Study of the Security of Unbalanced Oil and Vinegar Signature Schemes. In: Menezes, A. (ed.) CT-RSA 2005. LNCS, vol. 3376, pp. 29–43. Springer, Heidelberg (2005)
  6. Cao, W., Hu, L., Ding, J., Yin, Z.: Kipnis-Shamir Attack on Unbalanced Oil-Vinegar Scheme. In: Bao, F., Weng, J. (eds.) ISPEC 2011. LNCS, vol. 6672, pp. 168–180. Springer, Heidelberg (2011)
  7. Chen, A.I.-T., Chen, M.-S., Chen, T.-R., Cheng, C.-M., Ding, J., Kuo, E.L.-H., Lee, F.Y.-S., Yang, B.-Y.: SSE Implementation of Multivariate PKCs on Modern X86 CPUs. In: Clavier, C., Gaj, K. (eds.) CHES 2009. LNCS, vol. 5747, pp. 33–48. Springer, Heidelberg (2009)
  8. Courtois, N.: Generic Attacks and the Security of Quartz. In: Desmedt, Y.G. (ed.) PKC 2003. LNCS, vol. 2567, pp. 351–364. Springer, Heidelberg (2002)
  9. Ding, J., Gower, J.E., Schmidt, D.S.: Multivariate Public Key Cryptosystems. Springer, Heidelberg (2006)
  10. Ding, J., Schmidt, D.: Rainbow, a New Multivariable Polynomial Signature Scheme. In: Ioannidis, J., Keromytis, A.D., Yung, M. (eds.) ACNS 2005. LNCS, vol. 3531, pp. 164–175. Springer, Heidelberg (2005)
  11. Faugère, J.-C., Joux, A.: Algebraic Cryptanalysis of Hidden Field Equation (HFE) Cryptosystems Using Gröbner Bases. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 44–60. Springer, Heidelberg (2003)
  12. Faugère, J.-C., Perret, L.: On the Security of UOV. Cryptology ePrint Archive, Report 2009/483 (2009), http://eprint.iacr.org/
  13. Gentry, C., Peikert, C., Vaikuntanathan, V.: Trapdoors for Hard Lattices and New Cryptographic Constructions. In: Ladner, R.E., Dwork, C. (eds.) STOC, pp. 197–206. ACM (2008)
  14. Goldwasser, S., Micali, S., Rivest, R.L.: A Digital Signature Scheme Secure Against Adaptive Chosen-Message Attacks. SIAM J. Comput. 17(2), 281–308 (1988)
  15. Granboulan, L., Joux, A., Stern, J.: Inverting HFE is Quasipolynomial. In: Dwork, C. (ed.) CRYPTO 2006. LNCS, vol. 4117, pp. 345–356. Springer, Heidelberg (2006)
  16. Kipnis, A., Patarin, J., Goubin, L.: Unbalanced Oil and Vinegar Signature Schemes. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 206–222. Springer, Heidelberg (1999)
  17. Kipnis, A., Shamir, A.: Cryptanalysis of the Oil & Vinegar Signature Scheme. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 257–266. Springer, Heidelberg (1998)
  18. Kipnis, A., Shamir, A.: Cryptanalysis of the HFE Public Key Cryptosystem by Relinearization. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 19–30. Springer, Heidelberg (1999)
  19. Levitskaya, A.A.: Systems of Random Equations over Finite Algebraic Structures. Cybernetics and Sys. Anal. 41(1), 67–93 (2005)
  20. Matsumoto, T., Imai, H.: Public Quadratic Polynomial-Tuples for Efficient Signature-Verification and Message-Encryption. In: Günther, C.G. (ed.) EUROCRYPT 1988. LNCS, vol. 330, pp. 419–453. Springer, Heidelberg (1988)
  21. Maurer, U.M. (ed.): EUROCRYPT 1996. LNCS, vol. 1070. Springer, Heidelberg (1996)
  22. Patarin, J.: Hidden Fields Equations (HFE) and Isomorphisms of Polynomials (IP): Two New Families of Asymmetric Algorithms. In: Maurer [21], pp. 33–48
  23. Patarin, J.: The Oil and Vinegar Signature Scheme. Presented at the Dagstuhl Workshop on Cryptography (September 1997); transparencies
  24. Patarin, J., Courtois, N.T., Goubin, L.: QUARTZ, 128-Bit Long Digital Signatures. In: Naccache, D. (ed.) CT-RSA 2001. LNCS, vol. 2020, pp. 282–297. Springer, Heidelberg (2001)
  25. Sakumoto, K., Shirai, T., Hiwatari, H.: Public-Key Identification Schemes Based on Multivariate Quadratic Polynomials. In: Rogaway, P. (ed.) CRYPTO 2011. LNCS, vol. 6841, pp. 706–723. Springer, Heidelberg (2011)

Copyright information

© Springer-Verlag Berlin Heidelberg 2011

Authors and Affiliations

  • Koichi Sakumoto, Sony Corporation, Tokyo, Japan
  • Taizo Shirai, Sony Corporation, Tokyo, Japan
  • Harunaga Hiwatari, Sony Corporation, Tokyo, Japan