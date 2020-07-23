giovedì, Luglio 23, 2020
EPRINT REPORT: ULTRA-SHORT MULTIVARIATE PUBLIC KEY SIGNATURES

(AGENPARL) – WORLD WIDE, gio 23 luglio 2020
Cryptology ePrint Archive: Report 2020/914 – Ultra-Short Multivariate Public Key Signatures

Cryptology ePrint Archive: Report 2020/914

Ultra-Short Multivariate Public Key Signatures

Jacques Patarin and Gilles Macario-Rat and Maxime Bros and Eliane Koussa

Abstract: In this paper we study multivariate public key signature schemes with “ultra”-short signatures. In order to do so, we consider that signing and verifying a signature could require about 1 minute of computation on a modern personal computer.
Despite the fact that this time is way bigger than the time required by general purpose multivariate-based signature schemes, such as Quartz or GeMMS, it enables us to reach ultra-short signature length, for instance, around 70 bits long signatures for a security of 80 bits.
Two main issues arise when one wants to build a signature scheme with ultra-short signatures: avoiding the birthday paradox attack and having the ability to sign arbitraly long messages, this paper gives ways to overcome both.

In a first part, we describe the attacks against multivariate public key signature and
use them to compute the minimal parameters that an ultra-short signature scheme would have.
In a second part, we give an explicit example of such an ultra-short signature scheme
using HFE-like algorithms.
In the end, we give parameters for several level of security: 80, 90, 100 bits and the classic 128, 192, and 256 bits; for each of them, we propose different choices of finite fields.

Category / Keywords: public-key cryptography / HFE, Multivariate Cryptography, Public Key Cryptography, Ultra-Short Signature.

Date: received 22 Jul 2020

Contact author: jpatarin at club-internet fr , ejkoussa@outlook com , maxime bros@unilim fr , gilles macariorat@orange com

Available format(s): PDF | BibTeX Citation

Version: :010530 (All versions of this report)

Short URL: ia.cr/2020/914

[ Cryptology ePrint archive ]

0https://eprint.iacr.org/2020/914.pdf’>https://eprint.iacr.org/2020/914.pdf

Fonte/Source: https://eprint.iacr.org/2020/914

