Paper 2012/194

A Multivariate based Threshold Ring Signature Scheme

Albrecht Petzoldt, Stanislav Bulygin, and Johannes Buchmann


In \cite{SS11}, Sakumoto et al. presented a new multivariate identification scheme, whose security is based solely on the MQ-Problem of solving systems of quadratic equations over finite fields. In this paper we extend this scheme to a threshold ring identification and signature scheme. Our scheme is the first multivariate scheme of this type and generally the first multivariate signature scheme with special properties. Despite the fact that we need more rounds to achieve given levels of security, the signatures are at least twice shorter than those obtained by other post-quantum (e.g. code based) constructions. Furthermore, our scheme offers provable security, which is quite a rare fact in multivariate cryptography.

Available format(s)
Public-key cryptography
Publication info
Published elsewhere. Unknown where it was published
Threshold Ring SignaturePost-Quantum CryptographyMultivariate CryptographyMQ Problem
Contact author(s)
apetzoldt @ cdc informatik tu-darmstadt de
2012-04-13: received
Short URL
Creative Commons Attribution


      author = {Albrecht Petzoldt and Stanislav Bulygin and Johannes Buchmann},
      title = {A Multivariate based Threshold Ring Signature Scheme},
      howpublished = {Cryptology ePrint Archive, Paper 2012/194},
      year = {2012},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.