Published: April 8, 2018
Author(s)
Jintai Ding (University of Cincinnati), Ray Perlner (NIST), Albrecht Petzoldt (NIST), Daniel Smith-Tone (NIST)
Conference
Name: 9th International Conference on Post-Quantum Cryptography (PQCrypto 2018)
Dates: 04/09/2018 - 04/11/2018
Location: Fort Lauderdale, Florida, United States
Citation: Post-Quantum Cryptography, vol. 10786, pp. 375-395
The HFEv- signature scheme is one of the most studied multivariate schemes and one of the major candidates for the upcoming standardization of post-quantum digital signature schemes. In this paper, we propose three new attack strategies against HFEv-, each of them using the idea of projection. Especially our third attack is very effective and is, for some parameter sets, the most efficient known attack against HFEv-. Furthermore, our attack requires much less memory than direct and rank attacks. By our work, we therefore give new insights in the security of the HFEv- signature scheme and restrictions for the parameter choice of a possible future standardized HFEv- instance.
Keywords
multivariate cryptography; HFEv-; MinRank; Gröbner basis; projection
Control Families
None selected