Linear Recurring Sequences for the UOV Key Generation Revisited
نویسندگان
چکیده
Multivariate public key cryptography is one of the main approaches to guarantee the security of communication in the post-quantum world. Due to its high efficiency and modest computational requirements, multivariate cryptography seems especially appropriate for signature schemes on low cost devices. However, multivariate schemes are not much used yet, mainly because of the large size of their public keys. In [PB10] Petzoldt et al. presented an idea how to create a multivariate signature scheme with a partially cyclic public key based on the UOV scheme of Kipnis and Patarin [KP99]. In this paper we use their idea to create a multivariate signature scheme whose public key is mainly given by a linear recurring sequence (LRS). By doing so, we are able to reduce the size of the public key by up to 86 %. Moreover, we get a public key with good statistical properties.
منابع مشابه
On the security of Cubic UOV and its variants
The unbalanced oil and vinegar signature scheme (UOV) is one of signature schemes whose public key is a set of multivariate quadratic forms. Recently, a new variant of UOV called Cubic UOV was proposed at Inscrypt 2015. It was claimed that the cubic UOV was more efficient than the original UOV and its security was enough. However, an equivalent secret key of the cubic UOV can be recovered easil...
متن کاملA Study of the Security of Unbalanced Oil and Vinegar Signature Schemes
The Unbalanced Oil and Vinegar scheme (UOV) is a signature scheme based on multivariate quadratic equations. It uses m equations and n variables. A total of v of these are called “vinegar variables”. In this paper, we study its security from several points of view. First, we are able to demonstrate that the constant part of the affine transformation does not contribute to the security of UOV an...
متن کاملOn the security of Cubic UOV
The unbalanced oil and vinegar signature scheme (UOV) is one of signature schemes whose public key is a set of multivariate quadratic forms. Recently, a new variant of UOV called Cubic UOV was proposed at Inscrypt 2015. It was claimed that the cubic UOV was more efficient than the original UOV and its security was enough. However, an equivalent secret key of the cubic UOV can be recovered easil...
متن کاملEquidistribution of Linear Recurring Sequences in Finite Fields
According to a general principle established by the first author [ 121, any linear recurring sequence in a finite field which hes a sufficiently long period is almost equidistributed, in the sense that each element of the field occurs about equally often in the full period of the sequence. This raises the question of characterizing those linear recurring sequences for which we have exact equidi...
متن کاملField Lifting for Smaller UOV Public Keys
Most Multivariate Quadratic (MQ) signature schemes have a very large public key, which makes them unsuitable for many applications, despite attractive features such as speed and small signature sizes. In this paper we introduce a modification of the Unbalanced Oil and Vinegar (UOV) signature scheme that has public keys which are an order of magnitude smaller than other MQ signature schemes. The...
متن کامل