Handling Vinegar Variables to Shorten Rainbow Key Pairs

  • Gustavo Zambonin
  • Matheus S. P. Bittencourt
  • Ricardo Custódio
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11627)

Abstract

Multivariate quadratic equations are the basis of one of the main mathematical techniques for the creation of digital signatures that are quantum-resistant. In these schemes, the creation and verification of signatures are highly efficient. However, key sizes are quite impractical and orders of magnitude greater than conventional schemes. One of the best-known signature schemes built upon multivariate equations is called Rainbow, which is based on the Oil-Vinegar principle. We observe that the reuse of vinegar variables in the signature generation step of the Rainbow scheme leads to a shorter representation of its central map, and thus, of the entire private key. We analyse the security implications of this strategy and present a modification to the Rainbow scheme, enabling a private key size reduction of up to 85% with secure parameters. Additionally, this framework can be applied on top of already existing schemes that shorten either private or public keys, spawning derivatives that reduce the total key pair size by a factor of 3.5.
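The Oil-Vinegar mechanism the abstract refers to, as an added illustration that is not code from the paper: a toy central map over GF(31) with 6 vinegar and 4 oil variables. Once the vinegar values are substituted, every quadratic polynomial of the central map becomes affine in the oil variables, so a central map stored for one fixed vinegar vector needs only O(O+1) coefficients instead of the full general form, and the same vinegar vector then serves for any number of targets. The field size, variable counts, seed and sample targets are all constructed here; the affine layer T and the public key are left out, and the paper's actual modification, parameters and security analysis are not reproduced (the plain toy says nothing about whether such reuse is safe).

```python
"""Toy Oil-Vinegar central map over GF(p) with a fixed, reused vinegar vector.

Added illustration, not the paper's scheme: it shows why substituting the
vinegar variables turns every quadratic polynomial of the central map into an
affine function of the oil variables, and how many coefficients survive when
the vinegar values are fixed once and reused. The affine layer T and the public
key are left out; all parameters are toy values, not secure ones.
"""
import random

P = 31         # prime field size (constructed for the example)
V, O = 6, 4    # vinegar / oil variable counts; O polynomials in the map


def gen_central_map(rng):
    """O polynomials, each (quad, lin, const). quad maps (i, j), i <= j, to a
    coefficient and never pairs two oil indices (V..V+O-1): the Oil-Vinegar rule."""
    polys = []
    for _ in range(O):
        quad = {(i, j): rng.randrange(P)
                for i in range(V + O) for j in range(i, V + O)
                if not (i >= V and j >= V)}            # skip oil x oil terms
        lin = [rng.randrange(P) for _ in range(V + O)]
        polys.append((quad, lin, rng.randrange(P)))
    return polys


def evaluate(poly, x):
    """f(x) over GF(P) for the full variable vector x (vinegar first, then oil)."""
    quad, lin, c = poly
    s = c + sum(a * x[i] * x[j] for (i, j), a in quad.items())
    s += sum(l * xi for l, xi in zip(lin, x))
    return s % P


def fix_vinegar(poly, vinegar):
    """Substitute the vinegar values. Vinegar x vinegar terms collapse into the
    constant, vinegar x oil terms into O linear coefficients: O + 1 numbers."""
    quad, lin, c = poly
    const = c + sum(l * v for l, v in zip(lin[:V], vinegar))
    oil_lin = list(lin[V:])
    for (i, j), a in quad.items():
        if j < V:                                  # both indices vinegar
            const += a * vinegar[i] * vinegar[j]
        else:                                      # i vinegar, j oil
            oil_lin[j - V] += a * vinegar[i]
    return [l % P for l in oil_lin], const % P


def solve_mod_p(A, b):
    """Gauss-Jordan elimination over GF(P); None if the matrix is singular."""
    n = len(A)
    M = [row[:] + [bi] for row, bi in zip(A, b)]
    for col in range(n):
        piv = next((r for r in range(col, n) if M[r][col] % P), None)
        if piv is None:
            return None
        M[col], M[piv] = M[piv], M[col]
        inv = pow(M[col][col], P - 2, P)
        M[col] = [(x * inv) % P for x in M[col]]
        for r in range(n):
            if r != col and M[r][col]:
                f = M[r][col]
                M[r] = [(x - f * y) % P for x, y in zip(M[r], M[col])]
    return [row[n] for row in M]


def fixed_vinegar_map(polys, vinegar):
    """The whole central map after fixing vinegar: an O x O matrix and O constants."""
    rows = [fix_vinegar(p, vinegar) for p in polys]
    return [r[0] for r in rows], [r[1] for r in rows]


def choose_vinegar(polys, rng):
    """Pick vinegar values whose induced linear system in the oil variables is invertible."""
    while True:
        vin = [rng.randrange(P) for _ in range(V)]
        A, _ = fixed_vinegar_map(polys, vin)
        if solve_mod_p(A, [0] * O) is not None:
            return vin


def sign_with_fixed(polys, vinegar, target):
    """Preimage of target under the central map, using the given vinegar values."""
    A, consts = fixed_vinegar_map(polys, vinegar)
    oil = solve_mod_p(A, [(t - c) % P for t, c in zip(target, consts)])
    return vinegar + oil


def full_coeff_count():
    """Coefficients per polynomial in the general Oil-Vinegar form, times O polynomials."""
    return O * (V * (V + 1) // 2 + V * O + V + O + 1)


def fixed_coeff_count():
    """Coefficients that remain once the vinegar values are fixed."""
    return O * (O + 1)


def demo(seed=7):
    rng = random.Random(seed)
    polys = gen_central_map(rng)
    vin = choose_vinegar(polys, rng)
    targets = [[3, 14, 15, 9], [26, 5, 4, 0]]          # two constructed "hashes"
    sigs = [sign_with_fixed(polys, vin, t) for t in targets]
    ok = all([evaluate(p, s) for p in polys] == t for s, t in zip(sigs, targets))
    shared = sigs[0][:V] == sigs[1][:V]                # same vinegar reused
    return ok, shared, full_coeff_count(), fixed_coeff_count()


if __name__ == "__main__":
    print(demo())   # (True, True, 224, 20)
```

With these toy sizes the general form stores 224 field elements while the fixed-vinegar form stores 20; the ratio is what the abstract's private-key reduction exploits, though the real scheme works on Rainbow's layered central map and secure parameters rather than this single UOV layer.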

Keywords

Multivariate cryptography, Digital signatures, Rainbow

Notes

Acknowledgements

This study was financed in part by the Coordenação de Aperfeiçoamento de Pessoal de Nível Superior - Brasil (CAPES) - Finance Code 001. Additionally, we thank the anonymous referees for their suggestions.

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  • Gustavo Zambonin (1)
  • Matheus S. P. Bittencourt (1)
  • Ricardo Custódio (1)
  1. Departamento de Informática e Estatística, Universidade Federal de Santa Catarina, Florianópolis, Brazil