• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.14 no.7
• /
• pp.2919-2937
• /
• 2020

Post-Quantum Cryptography (PQC) is rapidly developing as a stable and reliable quantum-resistant form of cryptography, throughout the industry. Similarly to existing cryptography, however, it does not prevent a third-party from using the secret key when third party obtains the secret key by deception, unauthorized sharing, or unauthorized proxying. The most effective alternative to preventing such illegal use is the utilization of biometrics during the generation of the secret key. In this paper, we propose a biometric-based secret key generation scheme for multivariate quadratic signature schemes, such as Rainbow. This prevents the secret key from being used by an unauthorized third party through biometric recognition. It also generates a shorter secret key by applying Principal Component Analysis (PCA)-based Confidence Interval Analysis (CIA) as a feature extraction method. This scheme's optimized implementation performed well at high speeds.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.3
• /
• pp.533-544
• /
• 2021

Using Shor algorithm, factoring and discrete logarithm problem can be solved effectively. The public key cryptography, such as RSA and ECC, based on factoring and discrete logarithm problem can be broken in polynomial time using Shor algorithm. NIST has been conducting a PQC(Post Quantum Cryptography) standardization process to select quantum-resistant public key cryptography. The multivariate quadratic based signature scheme, which is one of the PQC candidates, is suitable for IoT devices with limited resources due to its short signature and fast sign and verify process. We analyzes classic attacks and quantum attacks for Rainbow which is the only multivatiate quadratic based signature scheme to be finalized up to the round 3. Also we compute the attack complexity for the round 3 Rainbow parameters, and analyzes the security level of Rainbow, one of the PQC standardization candidates.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.2
• /
• pp.211-222
• /
• 2023

Multivariate quadratic equations (MQ)-based public-key cryptographic algorithms are one of promising post-quantumreplacements for currently used public-key cryptography. After selecting to NIST Post-Quantum Cryptography StandardizationRound 3 as one of digital signature finalists, Rainbow was cryptanalyzed by advanced algebraic attacks due to its multiple layered structure. The researches on MQ-based schemes are focusing on UOV with a single layer. In this paper, we propose a new MQ-signature scheme based on UOV using the combinations of the special structure of linear equations, spare polynomials and random polynomials to reduce the secret key size. Our scheme uses the block inversion method using half-sized blockmatrices to improve signing performance. We then provide security analysis, suggest secure parameters at three security levels and investigate their key sizes and signature sizes. Our scheme has the shortest signature length among post-quantumsignature schemes based on other hard problems and its secret key size is reduced by up to 97% compared to UOV.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.4
• /
• pp.697-708
• /
• 2019

In this paper, we propose and implement a method to optimize Rainbow for 8 bit MCU(Microcontroller Unit). As quantum computers have been developed, the security of existing cryptography, especially the signature algorithms, has been threatened, so it is necessary to apply a signature scheme with a quantum-resistance to IoT devices. Currently, the proposed PQC(Post Quantum Cryptography) are lattice-based, hash-based, code-based, and MQ(Multivariate Quadratic)-based cryptographic algorithms and signature schemes. In particular, MQ-based signature schemes are faster than conventional signature schemes and are suitable for IoT devices Do. However, it is difficult to apply 8-bit MCU, which has a large key length and large number of computations, to the memory and performance of IoT devices. In this paper, we propose a method of storing Rainbow, which is a MQ-based signing scheme, in 8-bit MCU by dividing the key and optimizing the computation method. By reducing the memory consumption and improving the algorithm speedily, Compare performance.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.1
• /
• pp.1-9
• /
• 2024

Multivariate Quadratic (MQ)-based digital signature schemes have advantages such as ease of implementation and small signature sizes, making them promising candidates for post-quantum cryptography. To enhance the efficiency of such MQ-based digital signature schemes, utilizing sparse matrices have been proposed, including HiMQ, which has been standardized by Korean Telecommunications Technology Association standard. However, HiMQ shares a similar key structure with Rainbow, which is a representative MQ-based digital signature scheme and was broken by the MinRank attack proposed in 2022. While HiMQ was standardized by a TTA and recommended parameters were provided, these parameters were based on cryptanalysis as of 2020, without considering recent attacks. In this paper, we examine attacks applicable to MQ-based digital signatures, specifically targeting HiMQ, and perform a security analysis. The most effective attack against HiMQ is the combined attack, an improved version of the MinRank attack proposed in 2022, and none of the three recommended parameters satisfy the desired security strength. Furthermore, HiMQ-128 and HiMQ-160 do not meet the minimum security strength requirement of 128-bit security level.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.3
• /
• pp.527-532
• /
• 2021

In this paper, we propose an efficient finite field computation method for Rainbow algorithm, which is the only multivariate quadratic-equation based digital signature among the current US NIST PQC standardization Final List algorithms. Recently, Chou et al. proposed a new efficient implementation method for Rainbow on the Cortex-M4 environment. This paper proposes a new multiplication method over the finite field that can reduce the number of XOR operations by more than 13.7% compared to the Chou et al. method. In addition, a multiplicative inversion over that can be performed by a 4x4 matrix inverse instead of the table lookup method is presented. In addition, the performance is measured by porting the software to which the new method was applied onto RaspberryPI 3B+.