Public quadratic polynomial-tuples for efficient signature-verification and message-encryption
Lecture Notes in Computer Science on Advances in Cryptology-EUROCRYPT'88
Cryptoanalysis of the Matsumoto and Imai Public Key Scheme of Eurocrypt'88
CRYPTO '95 Proceedings of the 15th Annual International Cryptology Conference on Advances in Cryptology
C*-+ and HM: Variations Around Two Schemes of T. Matsumoto and H. Imai
ASIACRYPT '98 Proceedings of the International Conference on the Theory and Applications of Cryptology and Information Security: Advances in Cryptology
A Fast and Secure Implementation of Sflash
PKC '03 Proceedings of the 6th International Workshop on Theory and Practice in Public Key Cryptography: Public Key Cryptography
On the Security of HFE, HFEv- and Quartz
PKC '03 Proceedings of the 6th International Workshop on Theory and Practice in Public Key Cryptography: Public Key Cryptography
Cryptanalysis of SFLASH with Slightly Modified Parameters
EUROCRYPT '07 Proceedings of the 26th annual international conference on Advances in Cryptology
Cryptanalysis of the SFLASH Signature Scheme
Information Security and Cryptology
Practical cryptanalysis of SFLASH
CRYPTO'07 Proceedings of the 27th annual international cryptology conference on Advances in cryptology
Fast digital signature algorithm based on subgraph isomorphism
CANS'07 Proceedings of the 6th international conference on Cryptology and network security
Key recovery on hidden monomial multivariate schemes
EUROCRYPT'08 Proceedings of the theory and applications of cryptographic techniques 27th annual international conference on Advances in cryptology
A "medium-field" multivariate public-key encryption scheme
CT-RSA'06 Proceedings of the 2006 The Cryptographers' Track at the RSA conference on Topics in Cryptology
Differential cryptanalysis for multivariate schemes
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
Complexity estimates for the F4 attack on the perturbed Matsumoto-Imai cryptosystem
IMA'05 Proceedings of the 10th international conference on Cryptography and Coding
Implementing minimized multivariate PKC on low-resource embedded systems
SPC'06 Proceedings of the Third international conference on Security in Pervasive Computing
Hi-index | 0.00 |
SFLASH [Spec] is a fast asymmetric signature scheme intended for low cost smart cards without cryptoprocessor. It belongs to the family of multivariate asymmetric schemes. It was submitted to the call for cryptographic primitives organised by the European project NESSIE, and successfully passed the first phase of the NESSIE selection process in September 2001. In this paper, we present a cryptanalysis of SFLASH which allows an adversary provided with an SFLASH public key to derive a valid signature of any message. The complexity of the attack is equivalent to less than 238 computations of the public function used for signature verification. The attack does not appear to be applicable to the FLASH companion algorithm of SFLASH and to the modified (more conservative) version of SFLASH proposed in October 2001 to the NESSIE project by the authors of SFLASH in replacement of [Spec].