Quo Vadis Quaternion? Cryptanalysis of Rainbow over Non-commutative Rings
Author
Abstract
The Rainbow Signature Scheme is a non-trivial generalization of the well known Unbalanced Oil and Vinegar Signature Scheme (Eurocrypt '99) minimizing the length of the signatures. Recently a new variant based on non-commutative rings, called NC-Rainbow, was introduced at CT-RSA 2012 to further minimize the secret key size. We disprove the claim that NC-Rainbow is as secure as Rainbow in general and show how to reduce the complexity of MinRank attacks from 2 to 2 and of HighRank attacks from 2 to 2 for the proposed instantiation over the ring of Quaternions. We further reveal some facts about Quaternions that increase the complexity of the signing algorithm. We show that NC-Rainbow is just a special case of introducing further structure to the secret key in order to decrease the key size. As the results are comparable with the ones achieved by equivalent keys, which provably do not decrease security, and far worse than just using a PRNG, we recommend not to use NC-Rainbow.
Similar resources
Key Agreement Protocols Using Multivariate Equations on Non-commutative Ring
In this paper we propose two KAP (key agreement protocols) using multivariate equations. As the enciphering functions we select the multivariate functions of high degree on non-commutative ring H over finite field Fq. Two enciphering functions are slightly different from the enciphering function previously proposed by the present author. In proposed systems we can adopt not only the quaternion r...
Cryptanalysis of the Birational Permutation Signature Scheme over a Non-commutative Ring
In 2008, Hashimoto and Sakurai proposed a new efficient signature scheme, which is a non-commutative ring version of Shamir’s birational permutation signature scheme. Shamir’s scheme is a generalization of the OSS (Ong-Schnorr-Shamir) signature scheme and was broken by Coppersmith et al. using its linearity and commutativity. The HS (Hashimoto-Sakurai) scheme is expected to be secure against th...
On the commuting graph of non-commutative rings of order $p^nq$
Let $R$ be a non-commutative ring with unity. The commuting graph of $R$ denoted by $\Gamma(R)$, is a graph with vertex set $R\setminus Z(R)$ and two vertices $a$ and $b$ are adjacent iff $ab=ba$. In this paper, we consider the commuting graph of non-commutative rings of order $pq$ and $p^2q$ with $Z(R) = 0$ and non-commutative rings with unity of order $p^3q$. It is proved that $C_R(a)$ is a commutative ring...
AN INTEGRAL DEPENDENCE IN MODULES OVER COMMUTATIVE RINGS
In this paper, we give a generalization of the integral dependence from rings to modules. We study the stability of the integral closure with respect to various module theoretic constructions. Moreover, we introduce the notion of integral extension of a module and prove the Lying over, Going up and Going down theorems for modules.
On the commuting graph of some non-commutative rings with unity
Let $R$ be a non-commutative ring with unity. The commuting graph of $R$ denoted by $\Gamma(R)$, is a graph with a vertex set $R\setminus Z(R)$ and two vertices $a$ and $b$ are adjacent if and only if $ab=ba$. In this paper, we investigate non-commutative rings with unity of order $p^n$ where $p$ is prime and $n \in \lbrace 4,5 \rbrace$. It is shown that, $\Gamma(R)$ is the disjoint ...
Journal title:
- IACR Cryptology ePrint Archive
Volume 2012, Issue
Pages -
Publication date 2012