Polynomial-Time Algorithms for Prime Factorization and Discrete Logarithms on a Quantum Computer
SIAM Journal on Computing
Computers and Intractability: A Guide to the Theory of NP-Completeness
Computers and Intractability: A Guide to the Theory of NP-Completeness
Cryptanalysis of the HFE Public Key Cryptosystem by Relinearization
CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
Cryptoanalysis of the Matsumoto and Imai Public Key Scheme of Eurocrypt'88
CRYPTO '95 Proceedings of the 15th Annual International Cryptology Conference on Advances in Cryptology
Cryptanalysis of the Oil & Vinegar Signature Scheme
CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
Cryptanalysis of the TTM Cryptosystem
ASIACRYPT '00 Proceedings of the 6th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
On the Security of HFE, HFEv- and Quartz
PKC '03 Proceedings of the 6th International Workshop on Theory and Practice in Public Key Cryptography: Public Key Cryptography
Comparison of innovative signature algorithms for WSNs
WiSec '08 Proceedings of the first ACM conference on Wireless network security
Fast multivariate signature generation in hardware: The case of rainbow
ASAP '08 Proceedings of the 2008 International Conference on Application-Specific Systems, Architectures and Processors
Unbalanced oil and vinegar signature schemes
EUROCRYPT'99 Proceedings of the 17th international conference on Theory and application of cryptographic techniques
Small public keys and fast verification for multivariate quadratic public key systems
CHES'11 Proceedings of the 13th international conference on Cryptographic hardware and embedded systems
Building secure tame-like multivariate public-key cryptosystems: the new TTS
ACISP'05 Proceedings of the 10th Australasian conference on Information Security and Privacy
Rainbow, a new multivariable polynomial signature scheme
ACNS'05 Proceedings of the Third international conference on Applied Cryptography and Network Security
A study of the security of unbalanced oil and vinegar signature schemes
CT-RSA'05 Proceedings of the 2005 international conference on Topics in Cryptology
Selecting parameters for the rainbow signature scheme
PQCrypto'10 Proceedings of the Third international conference on Post-Quantum Cryptography
Implementing minimized multivariate PKC on low-resource embedded systems
SPC'06 Proceedings of the Third international conference on Security in Pervasive Computing
High-Speed hardware implementation of rainbow signature on FPGAs
PQCrypto'11 Proceedings of the 4th international conference on Post-Quantum Cryptography
Practical key-recovery for all possible parameters of SFLASH
ASIACRYPT'11 Proceedings of the 17th international conference on The Theory and Application of Cryptology and Information Security
Solving underdetermined systems of multivariate quadratic equations revisited
PKC'12 Proceedings of the 15th international conference on Practice and Theory in Public Key Cryptography
| Hi-index | 0.00 |
Multivariate Quadratic Public Key Schemes (MQPKS) attracted the attention of researchers in the last decades for two reasons. First they are thought to resist attacks by quantum computers and second, most of the schemes were broken. The latter may be the reason why implementations are rare. This work investigates one of the most promising member of MQPKS and its variants, namely UOV, Rainbow and enTTS. UOV resisted all kinds of attacks for 13 years and can be considered one of the best examined MQPKS. We describe implementations of UOV, Rainbow and enTTS on an 8-bit microcontroller. To address the problem of large keys, we used several optimizations and also implemented the 0/1-UOV scheme introduced at CHES 2011. To achieve a practically usable security level on the selected device, all recent attacks are summarized and parameters for standard security levels are given. To allow judgement of scaling, the schemes are implemented for the most common security levels in embedded systems 264, 280 and 2128 bits symmetric security. This allows for the first time a direct comparison of the four schemes because they are implemented for exactly the same security levels on the same platform and also by the same developer.