In [16], J. Patarin designed a new scheme, called "Oil and Vinegar", for computing asymmetric signatures. It is very simple, can be computed very fast (both in secret and public key) and requires very little RAM in smartcard implementations. The idea consists in hiding quadratic equations in n unknowns called "oil" and v = n unknowns called "vinegar" over a finite field K, with linear secret functions. This original scheme was broken in [10] by A. Kipnis and A. Shamir. In this paper, we study some very simple variations of the original scheme where v > n (instead of v = n). These schemes are called "Unbalanced Oil and Vinegar" (UOV), since we have more "vinegar" unknowns than "oil" unknowns. We show that, when v ≃ n, the attack of [10] can be extended, but when v ≥ 2n for example, the security of the scheme is still an open problem. Moreover, when v ≃ n²/2, the security of the scheme is exactly equivalent (if we accept a very natural but not proved property) to the problem of solving a random set of n quadratic equations in n²/2 unknowns (with no trapdoor). However, we show that (in characteristic 2) when v ≥ n², finding a solution is generally easy. Then we will see that it is very easy to combine the Oil and Vinegar idea and the HFE schemes of [14]. The resulting scheme, called HFEV, currently also looks very interesting from both a practical and a theoretical point of view. The length of a UOV signature can be as short as 192 bits and for HFEV it can be as short as 80 bits.