## Cryptology ePrint Archive: Report 2017/636

Implementing 128-bit Secure MPKC Signatures

Ming-Shing Chen and Wen-Ding Li and Bo-Yuan Peng and Bo-Yin Yang and Chen-Mou Cheng

Abstract: Multivariate Public Key Cryptosystems (MPKCs) are often touted as future-proofing against Quantum Computers. In 2009, it was shown that hardware advances do not favor just traditional'' alternatives such as ECC and RSA, but also makes MPKCs faster and keeps them competitive at 80-bit security when properly implemented. These techniques became outdated due to emergence of new instruction sets and higher requirements on security.

In this paper, we review how MPKC signatures changes from 2009 including new parameters (from a newer security level at 128-bit), crypto-safe implementations, and the impact of new AVX2and AESNI instructions. We also present new techniques on evaluating multivariate polynomials, multiplications of large finite fields by additive Fast Fourier Transforms, and constant time linear solvers.

Category / Keywords: implementation / implementation