http://dx.doi.org/10.3837/tiis.2018.03.022

Circulant UOV: a new UOV variant with shorter private key and faster signature generation  

Peng, Zhiniang (School of Computer Science & Engineering, South China University of Technology)
Tang, Shaohua (School of Computer Science & Engineering, South China University of Technology)
Publication Information
KSII Transactions on Internet and Information Systems (TIIS) / v.12, no.3, 2018, pp. 1376-1395
Abstract
UOV is one of the most important signature schemes in Multivariate Public Key Cryptography (MPKC). It has a strong security guarantee and is considered to be quantum-resistant. However, it suffers from a large key size, and its signing procedure is relatively slow. In this paper, we propose a new secure UOV variant, Circulant UOV, with a shorter private key and higher signing efficiency. We estimate that the private key of Circulant UOV is about 45% smaller than that of regular UOV and that its signing speed is more than 14 times faster than that of regular UOV. We also give a practical implementation on a modern x64 CPU, which shows that Circulant UOV is comparable to many other signature schemes.
Keywords
MPKC; UOV Signature Scheme; Post-Quantum Cryptosystem; AVX2