New Differential-Algebraic Attacks and Reparametrization of Rainbow

Ding, Jíntai; Yang, Bo‐Yin; Chen, Chia-Hsin Owen; Chen, Ming-Syan; Cheng, Chen-Mou

doi:10.1007/978-3-540-68914-0_15

Cited by 90 publications

(59 citation statements)

References 21 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…To execute a private map, we replace the "minus" components if needed, invert T , invert Q, invert S, and if needed verify a prefix/perturbation. Most small-field MPKCs -TTS, Rainbow, oil-and-vinegar [11,12,17,29] seem to behave the same over small odd prime fields and over F 2 k . Big-field MPKCs in odd-characteristic were mentioned in [35], but not much researched until recently.…”

Section: Background On Mpkcsmentioning

confidence: 93%

“…In 2004, traditional signature schemes using RSA or ECC are much slower than TTS/4 and SFLASH [1,10,37], but the latter have both been broken [17,18]. Although TTS/7 and 3IC-p seem ok today [8], the impending doom of SHA-1 [33] will force longer message digests and thus slower MPKCs while leaving RSA untouched.…”

Section: History and Questionsmentioning

confidence: 99%

“…-The segment structure is given by a sequence 0 < v 1 [8,17]. According to their criteria, the former instance should not be more secure than Rainbow/TTS at (F 31 , 24, 20, 20) and roughly the same as (F 31 , 16,16,8,16).…”

Section: Rainbow and Tts Families Of Digital Signaturesmentioning

confidence: 99%

See 2 more Smart Citations

SSE Implementation of Multivariate PKCs on Modern x86 CPUs

Chen

et al. 2009

Lecture Notes in Computer Science

Self Cite

View full text Add to dashboard Cite

Abstract. Multivariate Public Key Cryptosystems (MPKCs) are often touted as future-proofing against Quantum Computers. It also has been known for efficiency compared to "traditional" alternatives. However, this advantage seems to erode with the increase of arithmetic resources in modern CPUs and improved algorithms, especially with respect to Elliptic Curve Cryptography (ECC). In this paper, we show that hardware advances do not just favor ECC. Modern commodity CPUs also have many small integer arithmetic/logic resources, embodied by SSE2 or other vector instruction sets, that are useful for MPKCs. In particular, Intel's SSSE3 instructions can speed up both public and private maps over prior software implementations of Rainbow-type systems up to 4×. Furthermore, MPKCs over fields of relatively small odd prime characteristics can exploit SSE2 instructions, supported by most modern 64-bit Intel and AMD CPUs. For example, Rainbow over F31 can be up to 2× faster than prior implementations of similarly-sized systems over F16. Here a key advance is in using Wiedemann (as opposed to Gauss) solvers to invert the small linear systems in the central maps. We explain the techniques and design choices in implementing our chosen MPKC instances over fields such as F31, F16 and F256. We believe that our results can easily carry over to modern FPGAs, which often contain a large number of small multipliers, usable by odd-field MPKCs.

show abstract

Section: Background On Mpkcsmentioning

confidence: 93%

Section: History and Questionsmentioning

confidence: 99%

See 1 more Smart Citation

SSE Implementation of Multivariate PKCs on Modern x86 CPUs

Chen

et al. 2009

Lecture Notes in Computer Science

Self Cite

View full text Add to dashboard Cite

show abstract

“…To cover these, we have to adapt the upper formula slightly. So, a cryptosystem, which shall be secure in the year y, must reach the security level To translate this security bound into the corresponding number of field multiplications, we use a data-point computed by J. Ding et al in [DY08]. There the authors solve a system of 37 quadratic equations in 22 variables over GF (2 8 ) in about 1.06 · 10 6 seconds on a single 2.2 GHz Opteron machine by XL-Wiedemann.…”

Section: The Modelmentioning

confidence: 99%

“…A good overview of these attacks can be found in [GC00]. Special attacks on Rainbow-like schemes were proposed by Ding and Yang in [DY08]. There have also been some attempts to derive appropriate parameters from the complexities of these attacks [CC08].…”

Section: Introductionmentioning

confidence: 99%

Selecting Parameters for the Rainbow Signature Scheme

Petzoldt

Bulygin

Buchmann

2010

Post-Quantum Cryptography

View full text Add to dashboard Cite

Abstract. Multivariate public key cryptography is one of the main approaches to guarantee the security of communication in a post-quantum world. One of the most promising candidates in this area is the Rainbow signature scheme, which was first proposed by J. Ding and D. Schmidt in 2005. In this paper we develop a model of security for the Rainbow signature scheme. We use this model to find parameters for Rainbow over GF(16), GF(31) and GF (256) which, under certain assumptions, guarantee the security of the scheme for now and the near future.

show abstract

Adding variables variation to Rainbow‐like scheme to enhance its security level against MinRank attack

Tan

Tang

Wang

2014

Security Comm Networks

View full text Add to dashboard Cite

Rainbow is a very effective multivariate digital signature scheme proposed by J. Ding and D. Schmidt. In this paper, we define any scheme that has basic multilayer Rainbow structure as Rainbow-like scheme. Then, we propose a way to enhance Rainbow-like schemes' security level against MinRank attack. In our construction, we simply turn some of their first layers' Oil variables into Vinegar variables by adding corresponding quadratic terms.

show abstract

New Differential-Algebraic Attacks and Reparametrization of Rainbow

Cited by 90 publications

References 21 publications

SSE Implementation of Multivariate PKCs on Modern x86 CPUs

SSE Implementation of Multivariate PKCs on Modern x86 CPUs

Selecting Parameters for the Rainbow Signature Scheme

Adding variables variation to Rainbow‐like scheme to enhance its security level against MinRank attack

Contact Info

Product

Resources

About