Probabilistic hash-and-sign with retry in the quantum random oracle model
H Kosuge, K Xagawa - IACR International Conference on Public-Key …, 2024 - Springer
A hash-and-sign signature based on a preimage-sampleable function (Gentry et al., STOC
2008) is secure in the quantum random oracle model if the preimage-sampleable function is …
2008) is secure in the quantum random oracle model if the preimage-sampleable function is …
Revisiting the security analysis of SNOVA
Y Ikematsu, R Akiyama - Proceedings of the 11th ACM Asia Public-Key …, 2024 - dl.acm.org
SNOVA is a multivariate signature scheme submitted to the additional NIST PQC
standardization project started in 2022. SNOVA is constructed by incorporating the structure …
standardization project started in 2022. SNOVA is constructed by incorporating the structure …
MAYO key recovery by fixing vinegar seeds
S Jendral, E Dubrova - Cryptology ePrint Archive, 2024 - eprint.iacr.org
As the industry prepares for the transition to post-quantum secure public key cryptographic
algorithms, vulnerability analysis of their implementations is gaining importance. A …
algorithms, vulnerability analysis of their implementations is gaining importance. A …
[PDF][PDF] HaMAYO: A Reconfigurable Hardware Implementation of the Post-Quantum Signature Scheme MAYO.
O Sayari, S Marzougui, T Aulbach, J Krämer… - IACR Cryptol. ePrint …, 2023 - iacr.steepath.eu
MAYO is a topical modification of the established multivariate signature scheme Unbalanced
Oil and Vinegar (UOV), with a significantly reduced public key size while maintaining the …
Oil and Vinegar (UOV), with a significantly reduced public key size while maintaining the …
A simple noncommutative UOV scheme
LC Wang, PE Tseng, YL Kuan, CY Chou - Cryptology ePrint Archive, 2022 - eprint.iacr.org
In this paper, we propose a simple noncommutative-ring based UOV signature scheme with
key-randomness alignment: Simple NOVA, which can be viewed as a simplified version of …
key-randomness alignment: Simple NOVA, which can be viewed as a simplified version of …
New Security Proofs and Techniques for Hash-and-Sign with Retry Signature Schemes
B Cogliati, PA Fouque, L Goubin… - Cryptology ePrint Archive, 2024 - eprint.iacr.org
Abstract Hash-and-Sign with Retry is a popular technique to design efficient signature
schemes from code-based or multivariate assumptions. Contrary to Hash-and-Sign …
schemes from code-based or multivariate assumptions. Contrary to Hash-and-Sign …
Mayo: Optimized implementation with revised parameters for armv7-m
A Gringiani, A Meneghetti, E Signorini… - Cryptology ePrint …, 2023 - eprint.iacr.org
We present an optimized constant-time implementation of the MAYO signature scheme on
ARMv7-M. MAYO is a novel multivariate proposal based on the trapdoor function of the …
ARMv7-M. MAYO is a novel multivariate proposal based on the trapdoor function of the …
History-Free Sequential Aggregation of Hash-and-Sign Signatures
A Meneghetti, E Signorini - Cryptographers' Track at the RSA Conference, 2024 - Springer
A sequential aggregate signature (SAS) scheme allows multiple users to sequentially
combine their respective signatures in order to reduce communication costs. Historically …
combine their respective signatures in order to reduce communication costs. Historically …
SoK: On the Physical Security of UOV-based Signature Schemes
Multivariate cryptography currently centres mostly around UOV-based signature schemes:
All multivariate round 2 candidates in the selection process for additional digital signatures …
All multivariate round 2 candidates in the selection process for additional digital signatures …
A correct justification for the CHMT algorithm for solving underdetermined multivariate systems
D Smith-Tone, C Tone - Finite Fields and Their Applications, 2025 - Elsevier
Abstract Cheng et al.(2014)[6] introduced a substantial improvement to the Miura-Hashimoto-
Takagi algorithm for solving sufficiently underdetermined systems of multivariate polynomial …
Takagi algorithm for solving sufficiently underdetermined systems of multivariate polynomial …