New identified strategies to forge multivariate signature schemes
A rogue certificate authority (RCA) is a dishonest entity that has the trust of web browsers and users to produce valid key pairs which are vulnerable. This work analyses two acknowledged post-quantum secure Multivariate Quadratic Problem (MQP) based signature schemes, namely the UOV and Rainbow sig...
| Main Authors: | , , , |
|---|---|
| Format: | Article |
| Published: |
MDPI AG
2022
|
| Online Access: | http://psasir.upm.edu.my/id/eprint/102304/ |
| _version_ | 1848863768726994944 |
|---|---|
| author | Abdul Jamal, Nurul Amiera Sakinah Kamel Ariffin, Muhammad Rezal Sapar, Siti Hasana Abdullah, Kamilah |
| author_facet | Abdul Jamal, Nurul Amiera Sakinah Kamel Ariffin, Muhammad Rezal Sapar, Siti Hasana Abdullah, Kamilah |
| author_sort | Abdul Jamal, Nurul Amiera Sakinah |
| building | UPM Institutional Repository |
| collection | Online Access |
| description | A rogue certificate authority (RCA) is a dishonest entity that has the trust of web browsers and users to produce valid key pairs which are vulnerable. This work analyses two acknowledged post-quantum secure Multivariate Quadratic Problem (MQP) based signature schemes, namely the UOV and Rainbow signature schemes that obtain their key pair from a potential RCA methodology. We revisit two and provide a novel RCA methodology that would enable adversaries to forge UOV and Rainbow signatures. We also lay out two strategies to identify whether the public parameters are generated by the first two methodologies. To this end, strategies to identify the third strategy remain elusive. As such, the UOV and Rainbow schemes remain vulnerable to forgery if it was forged via the third methodology. |
| first_indexed | 2025-11-15T13:38:10Z |
| format | Article |
| id | upm-102304 |
| institution | Universiti Putra Malaysia |
| institution_category | Local University |
| last_indexed | 2025-11-15T13:38:10Z |
| publishDate | 2022 |
| publisher | MDPI AG |
| recordtype | eprints |
| repository_type | Digital Repository |
| spelling | upm-1023042023-05-22T08:15:05Z http://psasir.upm.edu.my/id/eprint/102304/ New identified strategies to forge multivariate signature schemes Abdul Jamal, Nurul Amiera Sakinah Kamel Ariffin, Muhammad Rezal Sapar, Siti Hasana Abdullah, Kamilah A rogue certificate authority (RCA) is a dishonest entity that has the trust of web browsers and users to produce valid key pairs which are vulnerable. This work analyses two acknowledged post-quantum secure Multivariate Quadratic Problem (MQP) based signature schemes, namely the UOV and Rainbow signature schemes that obtain their key pair from a potential RCA methodology. We revisit two and provide a novel RCA methodology that would enable adversaries to forge UOV and Rainbow signatures. We also lay out two strategies to identify whether the public parameters are generated by the first two methodologies. To this end, strategies to identify the third strategy remain elusive. As such, the UOV and Rainbow schemes remain vulnerable to forgery if it was forged via the third methodology. MDPI AG 2022-11-10 Article PeerReviewed Abdul Jamal, Nurul Amiera Sakinah and Kamel Ariffin, Muhammad Rezal and Sapar, Siti Hasana and Abdullah, Kamilah (2022) New identified strategies to forge multivariate signature schemes. Symmetry, 14 (11). art. no. 2368. pp. 1-18. ISSN 2073-8994 https://www.mdpi.com/2073-8994/14/11/2368 10.3390/sym14112368 |
| spellingShingle | Abdul Jamal, Nurul Amiera Sakinah Kamel Ariffin, Muhammad Rezal Sapar, Siti Hasana Abdullah, Kamilah New identified strategies to forge multivariate signature schemes |
| title | New identified strategies to forge multivariate signature schemes |
| title_full | New identified strategies to forge multivariate signature schemes |
| title_fullStr | New identified strategies to forge multivariate signature schemes |
| title_full_unstemmed | New identified strategies to forge multivariate signature schemes |
| title_short | New identified strategies to forge multivariate signature schemes |
| title_sort | new identified strategies to forge multivariate signature schemes |
| url | http://psasir.upm.edu.my/id/eprint/102304/ http://psasir.upm.edu.my/id/eprint/102304/ http://psasir.upm.edu.my/id/eprint/102304/ |