Cryptology ePrint Archive: Report 2017/327

MQ Signatures for PKI

Alan Szepieniec and Ward Beullens and Bart Preneel

Abstract: It is well known that multivariate quadratic (MQ) digital signature schemes have small signatures but huge public keys. However, in some settings, such as public key infrastructure (PKI), both variables are important. This paper explains how to transform any MQ signature scheme into one with a much smaller public key at the cost of a larger signature. The transformation aims to reduce the combined size of the public key and signature and this metric is improved significantly. The security of our transformation reduces to that of the underlying MQ signature scheme in the random oracle model. It is possible to decrease signature sizes even further but then its security is related to the conjectured hardness of a new problem, the Approximate MQ Problem (AMQ).

Category / Keywords: public-key cryptography / multivariate quadratic, public key infrastructure, signature, random oracle, post-quantum, hard problem

Original Publication (in the same form): PQCRYPTO 2017

Date: received 13 Apr 2017

Contact author: alan szepieniec at esat kuleuven be

Available format(s): PDF | BibTeX Citation

Version: 20170417:144407 (All versions of this report)

Short URL:

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]