Multivariate Signature Scheme using Quadratic Forms Takanori Yasuda (ISIT) Joint work with Tsuyoshi Takagi (Kyushu Univ.), Kouichi Sakurai (Kyushu Univ.)

Presentation transcript:

Multivariate Signature Scheme using Quadratic Forms Takanori Yasuda (ISIT) Joint work with Tsuyoshi Takagi (Kyushu Univ.), Kouichi Sakurai (Kyushu Univ.) 2013/3/3 Workshop on Solving Multivariate Polynomial Systems and Related Topics

Contents
1. Multivariate Signature Schemes
2. Quadratic Forms
3. Multivariate System defined by Quadratic Forms
4. Application to Signature Scheme
5. Comparison with Rainbow
   1. Efficiency of Signature Generation
   2. Key Sizes
   3. Security
6. Conclusion

MPKC Signature [Diagram labels: Signature, Message] For any message M, there must exist the corresponding signature. F is surjective.

New Multivariate Polynomial Map We introduce a multivariate polynomial map that is not surjective, and apply it to a signature scheme. For a symmetric matrix A,

Problems of G Is G applicable to signature or not? Problems

Quadratic Forms

How to compute the inverse map Simple case Problem 1’ is equivalent to

Real field Case Gram-Schmidt orthonormalization provides an efficient algorithm to solve Problem 1’’. Definition: We want to apply Gram-Schmidt orthonormalization technique to the case of finite fields.

Finite Field Case
We cannot apply Gram-Schmidt orthonormalization directly.
However, we can extend Gram-Schmidt orthonormalization by inserting a step:
Solve Problem 1’

Problem 2

Classification Theorem

Application to MPKC Signature Scheme

Signature Generation

Property of Our Scheme

Property of Our Scheme [Diagram: Multivariate Polynomial Maps; labels: Rainbow, UOV, HFE, MI, Proposal; Surjective, Not Surjective]

Security of Our Scheme There are several attacks on MPKC signature schemes that depend on the structure of the central map. For example, the UOV attack transforms the public key into the form of the central map of the UOV scheme.
o Central maps of UOV are surjective.
o The public key of our scheme cannot be transformed into any surjective map.
These attacks are not applicable to our scheme. (Other examples: Rainbow-band-separation attack, UOV-Reconciliation attack.) However, attacks that are independent of the scheme, such as direct attacks, are applicable to our scheme.

Comparison with Rainbow

Conclusion
We propose a new MPKC signature scheme using quadratic forms. The multivariate polynomial map used in the scheme is not surjective. Signature generation uses an extended Gram-Schmidt orthonormalization. It is 8 or 9 times more efficient than that of Rainbow at the level of 88-bit security.

Future Work
Security analysis
Application to encryption scheme