Chosen Message Attack on Multivariate Signature ELSA at Asiacrypt 2017

Hashimoto, Yasuhiko; Ikematsu, Yasuhiko; Takagi, Tsuyoshi

doi:10.2197/ipsjjip.27.517

Cited by 2 publications

(2 citation statements)

References 12 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…However, as described in §4, such circulant structures weaken the security critically, especially against Kipnis-Shamir's attack [4,9]. This situation is similar to ELSA, another fast variant of Rainbow proposed at Asiacrypt 2017 [16] and broken at IWSEC 2018 [17]. We thus consider that we must study the security quite carefully when we attempt to improve the efficiency of these schemes.…”

Section: Resultsmentioning

confidence: 89%

Key recovery attack on Circulant UOV/Rainbow

Hashimoto

2019

JSIAM Letters

Self Cite

View full text Add to dashboard Cite

UOV and Rainbow are multivariate signature schemes, which are known to be efficient and secure enough against known attacks under suitable parameter selections, and have been expected to be post-quantum cryptography. Recently, new variants of UOV and Rainbow, called Circulant UOV and Circulant Rainbow respectively, were proposed by Peng and Tang. In these variants, the signature generation is faster than the original schemes since circulant matrices appear in the process of signature generation. However, such circulant structures weaken the security. In this paper, we study the structures of these circulant variants and show that they are vulnerable against Kipnis-Shamir's attack.

show abstract

Section: Resultsmentioning

confidence: 89%

Key recovery attack on Circulant UOV/Rainbow

Hashimoto

2019

JSIAM Letters

Self Cite

View full text Add to dashboard Cite

show abstract

“…[3,[6][7][8][9]. Unfortunately, some of them are much less secure than expected, since the special structures in these arrangements for reducing the keys yield vulnerabilities [10][11][12][13][14].…”

Section: Introductionmentioning

confidence: 99%

Key recovery attack on Hufu-UOV

Hashimoto

2022

JSIAM Letters

Self Cite

View full text Add to dashboard Cite

The unbalanced oil and vinegar signature scheme (UOV) is a signature scheme whose public key is a set of quadratic polynomials over a finite field. This scheme has been considered to be secure and efficient enough under suitable parameter selections. However, its key size is relatively large, and then various arrangements of UOV with smaller keys have been proposed. Hufu-UOV proposed by Tao in 2019 is one of such variants of UOV, whose keys are generated by circulant and Toeplitz matrices. In the present paper, we study the security of Hufu-UOV and propose an attack on it.

show abstract

Chosen Message Attack on Multivariate Signature ELSA at Asiacrypt 2017

Cited by 2 publications

References 12 publications

Key recovery attack on Circulant UOV/Rainbow

Key recovery attack on Circulant UOV/Rainbow

Key recovery attack on Hufu-UOV

Contact Info

Product

Resources

About