New Identified Strategies to Forge Multivariate Signature Schemes

New Identified Strategies to Forge Multivariate Signature Schemes

A rogue certificate authority (RCA) is a dishonest entity that has the trust of web browsers and users to produce valid key pairs which are vulnerable. This work analyses two acknowledged post-quantum secure Multivariate Quadratic Problem (MQP) based signature schemes, namely the UOV and Rainbow sig...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:Symmetry (Basel) 2022-11, Vol.14 (11), p.2368
Hauptverfasser: Abdul Jamal, Nurul Amiera Sakinah, Kamel Ariffin, Muhammad Rezal, Sapar, Siti Hasana, Abdullah, Kamilah
Format: Artikel
Sprache:eng
Schlagworte:
Algebra
Algorithms
Cryptography
Digital signatures
Forgery
Methodology
Multivariate analysis
Multivariate Quadratic Problem
multivariate signature schemes
Parameter identification
Polynomials
Quantum computing
rainbow
Rainbows
rogue certificate authority
UOV
weak public key
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:A rogue certificate authority (RCA) is a dishonest entity that has the trust of web browsers and users to produce valid key pairs which are vulnerable. This work analyses two acknowledged post-quantum secure Multivariate Quadratic Problem (MQP) based signature schemes, namely the UOV and Rainbow signature schemes that obtain their key pair from a potential RCA methodology. We revisit two and provide a novel RCA methodology that would enable adversaries to forge UOV and Rainbow signatures. We also lay out two strategies to identify whether the public parameters are generated by the first two methodologies. To this end, strategies to identify the third strategy remain elusive. As such, the UOV and Rainbow schemes remain vulnerable to forgery if it was forged via the third methodology.
ISSN:2073-8994
2073-8994
DOI:10.3390/sym14112368