Finite fields
Cryptanalysis of the Oil & Vinegar Signature Scheme
CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
Cryptanalysis of the TTM Cryptosystem
ASIACRYPT '00 Proceedings of the 6th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
CRYPTO 2008 Proceedings of the 28th Annual conference on Cryptology: Advances in Cryptology
Unbalanced oil and vinegar signature schemes
EUROCRYPT'99 Proceedings of the 17th international conference on Theory and application of cryptographic techniques
New differential-algebraic attacks and reparametrization of rainbow
ACNS'08 Proceedings of the 6th international conference on Applied cryptography and network security
Small public keys and fast verification for multivariate quadratic public key systems
CHES'11 Proceedings of the 13th international conference on Cryptographic hardware and embedded systems
Rainbow, a new multivariable polynomial signature scheme
ACNS'05 Proceedings of the Third international conference on Applied Cryptography and Network Security
SCN'06 Proceedings of the 5th international conference on Security and Cryptography for Networks
Selecting parameters for the rainbow signature scheme
PQCrypto'10 Proceedings of the Third international conference on Post-Quantum Cryptography
Reducing the key size of rainbow using non-commutative rings
CT-RSA'12 Proceedings of the 12th conference on Topics in Cryptology
Solving underdetermined systems of multivariate quadratic equations revisited
PKC'12 Proceedings of the 15th international conference on Practice and Theory in Public Key Cryptography
| Hi-index | 0.00 |
The Rainbow Signature Scheme is a non-trivial generalization of the well known Unbalanced Oil and Vinegar Signature Scheme (Eurocrypt '99) minimizing the length of the signatures. Recently a new variant based on non-commutative rings, called NC-Rainbow, was introduced at CT-RSA 2012 to further minimize the secret key size. We disprove the claim that NC-Rainbow is as secure as Rainbow in general and show how to reduce the complexity of MinRank attacks from 2288 to 2192 and of HighRank attacks from 2128 to 296 for the proposed instantiation over the ring of Quaternions. We further reveal some facts about Quaternions that increase the complexity of the signing algorithm. We show that NC-Rainbow is just a special case of introducing further structure to the secret key in order to decrease the key size. As the results are comparable with the ones achieved by equivalent keys, which provably do not decrease security, and far worse than just using a PRNG, we recommend not to use NC-Rainbow.