Efficient signature schemes based on birational permutations
CRYPTO '93 Proceedings of the 13th annual international cryptology conference on Advances in cryptology
Computers and Intractability: A Guide to the Theory of NP-Completeness
Computers and Intractability: A Guide to the Theory of NP-Completeness
Cryptanalysis of the Oil & Vinegar Signature Scheme
CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
CRYPTO 2008 Proceedings of the 28th Annual conference on Cryptology: Advances in Cryptology
New differential-algebraic attacks and reparametrization of rainbow
ACNS'08 Proceedings of the 6th international conference on Applied cryptography and network security
Journal of Symbolic Computation
Small public keys and fast verification for multivariate quadratic public key systems
CHES'11 Proceedings of the 13th international conference on Cryptographic hardware and embedded systems
Equivalent keys in HFE, c*, and variations
Mycrypt'05 Proceedings of the 1st international conference on Progress in Cryptology in Malaysia
Building secure tame-like multivariate public-key cryptosystems: the new TTS
ACISP'05 Proceedings of the 10th Australasian conference on Information Security and Privacy
Efficient cryptanalysis of RSE(2)PKC and RSSE(2)PKC
SCN'04 Proceedings of the 4th international conference on Security in Communication Networks
SCN'06 Proceedings of the 5th international conference on Security and Cryptography for Networks
Proposal of a signature scheme based on STS trapdoor
PQCrypto'10 Proceedings of the Third international conference on Post-Quantum Cryptography
Hi-index | 0.00 |
We show that the two multivariate signature schemes Enhanced STS, proposed at PQCrypto 2010, and Enhanced TTS, proposed at ACISP 2005, are vulnerable due to systematically missing cross-terms. To this aim, we generalize equivalent keys to so-called good keys for an improved algebraic key recovery attack. In particular, we demonstrate that it is impossible to choose both secure and efficient parameters for Enhanced STS and break all current parameters of both schemes. Since 2010, many variants of Enhanced STS, such as Check Equations or Hidden Pair of Bijections were proposed. We break all these variants and show that making STS secure will either lead to a variant known as the Oil, Vinegar and Salt signature scheme or, if we also require the signing algorithm to be efficient, to the well-known Rainbow signature scheme. We show that our attack is more efficient than any previously known attack.