Fast polynomial factorization over high algebraic extensions of finite fields
ISSAC '97 Proceedings of the 1997 international symposium on Symbolic and algebraic computation
Cryptanalysis of the HFE Public Key Cryptosystem by Relinearization
CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
EUROCRYPT'96 Proceedings of the 15th annual international conference on Theory and application of cryptographic techniques
Unbalanced oil and vinegar signature schemes
EUROCRYPT'99 Proceedings of the 17th international conference on Theory and application of cryptographic techniques
Efficient algorithms for solving overdefined systems of multivariate polynomial equations
EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
The Security of Hidden Field Equations (HFE)
CT-RSA 2001 Proceedings of the 2001 Conference on Topics in Cryptology: The Cryptographer's Track at RSA
Essential Algebraic Structure within the AES
CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
How to Achieve a McEliece-Based Digital Signature Scheme
ASIACRYPT '01 Proceedings of the 7th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Efficient Zero-Knowledge Authentication Based on a Linear Algebra Problem MinRank
ASIACRYPT '01 Proceedings of the 7th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Short Signatures in the Random Oracle Model
ASIACRYPT '02 Proceedings of the 8th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Solving Underdefined Systems of Multivariate Quadratic Equations
PKC '02 Proceedings of the 5th International Workshop on Practice and Theory in Public Key Cryptosystems: Public Key Cryptography
A Fast and Secure Implementation of Sflash
PKC '03 Proceedings of the 6th International Workshop on Theory and Practice in Public Key Cryptography: Public Key Cryptography
On the Security of HFE, HFEv- and Quartz
PKC '03 Proceedings of the 6th International Workshop on Theory and Practice in Public Key Cryptography: Public Key Cryptography
Generic Attacks and the Security of Quartz
PKC '03 Proceedings of the 6th International Workshop on Theory and Practice in Public Key Cryptography: Public Key Cryptography
A provably secure short signature scheme based on discrete logarithms
Information Sciences: an International Journal
Kipnis-Shamir Attack on HFE Revisited
Information Security and Cryptology
Square-Vinegar Signature Scheme
PQCrypto '08 Proceedings of the 2nd International Workshop on Post-Quantum Cryptography
On building hash functions from multivariate quadratic equations
ACISP'07 Proceedings of the 12th Australasian conference on Information security and privacy
Cryptanalysis of the TRMS signature scheme of PKC'05
AFRICACRYPT'08 Proceedings of the Cryptology in Africa 1st international conference on Progress in cryptology
Fast exhaustive search for polynomial systems in F2
CHES'10 Proceedings of the 12th international conference on Cryptographic hardware and embedded systems
Cryptanalysis of the hidden matrix cryptosystem
LATINCRYPT'10 Proceedings of the First international conference on Progress in cryptology: cryptology and information security in Latin America
PKC'11 Proceedings of the 14th international conference on Practice and theory in public key cryptography conference on Public key cryptography
Probabilistic multivariate cryptography
VIETCRYPT'06 Proceedings of the First international conference on Cryptology in Vietnam
A new signature scheme without random oracles from bilinear pairings
VIETCRYPT'06 Proceedings of the First international conference on Cryptology in Vietnam
On the affine transformations of HFE-Cryptosystems and systems with branches
WCC'05 Proceedings of the 2005 international conference on Coding and Cryptography
Similar keys of multivariate quadratic public key cryptosystems
CANS'05 Proceedings of the 4th international conference on Cryptology and Network Security
A "medium-field" multivariate public-key encryption scheme
CT-RSA'06 Proceedings of the 2006 The Cryptographers' Track at the RSA conference on Topics in Cryptology
Tractable rational map signature
PKC'05 Proceedings of the 8th international conference on Theory and Practice in Public Key Cryptography
A generic scheme based on trapdoor one-way permutations with signatures as short as possible
PKC'05 Proceedings of the 8th international conference on Theory and Practice in Public Key Cryptography
All in the XL family: theory and practice
ICISC'04 Proceedings of the 7th international conference on Information Security and Cryptology
Proposal of a signature scheme based on STS trapdoor
PQCrypto'10 Proceedings of the Third international conference on Post-Quantum Cryptography
Complexity estimates for the F4 attack on the perturbed Matsumoto-Imai cryptosystem
IMA'05 Proceedings of the 10th international conference on Cryptography and Coding
On provable security of UOV and HFE signature schemes against chosen-message attack
PQCrypto'11 Proceedings of the 4th international conference on Post-Quantum Cryptography
| Hi-index | 0.00 |
For some applications of digital signatures the traditional schemes as RSA, DSA or Elliptic Curve schemes, give signature size that are not short enough (with security 280, the minimal length of these signatures is always 驴 320 bits, and even 驴 1024 bits for RSA). In this paper we present a first well defined algorithm and signature scheme, with concrete parameter choice, that gives 128-bit signatures while the best known attack to forge a signature is in 280. It is based on the basic HFE scheme proposed on Eurocrypt 1996 along with several modifications, such that each of them gives a scheme that is (quite clearly) strictly more secure. The basic HFE has been attacked recently by Shamir and Kipnis (cf [3]) and independently by Courtois (cf this RSA conference) and both these authors give subexponential algorithms that will be impractical for our parameter choices. Moreover our scheme is a modification of HFE for which there is no known attack other that inversion methods close to exhaustive search in practice. Similarly there is no method known, even in theory to distinguish the public key from a random quadratic multivariate function.QUARTZ is so far the only candidate for a practical signature scheme with length of 128-bits.QUARTZ has been accepted as a submission to NESSIE (New European Schemes for Signatures, Integrity, and Encryption), a project within the Information Societies Technology (IST) Programme of the European Commission.