Multivariate Blind Signatures Revisited

Ward Beullens⁹

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 15516))

Included in the following conference series:

International Conference on Selected Areas in Cryptography

133 Accesses

Abstract

In 2017, Petzoldt, Szepieniec, and Mohamed proposed a blind signature scheme, based on multivariate cryptography. This construction has been expanded on by several other works. This short paper shows that their construction is susceptible to an efficient polynomial-time attack. The problem is that the authors implicitly assumed that for a random multivariate quadratic map $\mathcal {R}:\mathbb {F}_q^m \rightarrow \mathbb {F}_q^m$ and a collision-resistant hash function $H: \{0,1\}^* \rightarrow \mathbb {F}_q^m$, the function $\textsf{Com}(m;\textbf{r}) := H(m) - \mathcal {R}(\textbf{r})$ is a binding commitment, which is not the case. There is a “folklore” algorithm that can be used to, given any pair of messages, efficiently produce a commitment that opens to both of them. We hope that by pointing out that multivariate quadratic maps are not binding, similar problems can be avoided in the future.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Subscribe and save

Springer+

from $39.99 /Month

Starting from 10 chapters or articles per month
Access and download chapters and articles from more than 300k books and 2,500 journals
Cancel anytime

Buy Now

Chapter: USD 29.95; Price excludes VAT (Canada)

eBook: USD 59.99; Price excludes VAT (Canada)

Softcover Book: USD 74.99; Price excludes VAT (Canada)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

A Practical Multivariate Blind Signature Scheme

Russo–dye type theorem, Stinespring representation, and Radon–Nikodým derivative for invariant block multilinear completelypositive maps

Article 17 May 2025

A New Multivariate Primitive from CCZ Equivalence

Article 09 June 2025

References

Baum, C., et al.: One tree to rule them all: optimizing GGM trees and OWFs for post-quantum signatures. Cryptology ePrint Archive, Paper 2024/490 (2024). https://eprint.iacr.org/2024/490
Baum, C., et al.: FAEST, Technical report, National Institute of Standards and Technology (2023). https://csrc.nist.gov/Projects/pqc-dig-sig/round-1-additional-signatures
Baum, C., et al.: Publicly verifiable zero-knowledge and post-quantum signatures from VOLE-in-the-head. In: Handschuh, H., Lysyanskaya, A. (eds.) CRYPTO 2023, Part V. LNCS, vol. 14085, pp. 581–615. Springer, Heidelberg (2023)
Chapter MATH Google Scholar
Beullens, W.: Improved cryptanalysis of UOV and rainbow. In: Canteaut, A., Standaert, F.-X. (eds.) EUROCRYPT 2021, Part I. LNCS, vol. 12696, pp. 348–373. Springer, Heidelberg (2021)
MATH Google Scholar
Beullens, W.: Breaking rainbow takes a weekend on a laptop. In: Dodis, Y., Shrimpton, T. (eds.) CRYPTO 2022, Part II. LNCS, vol. 13508, pp. 464–479. Springer, Heidelberg (2022)
Chapter MATH Google Scholar
Beullens, W.: MAYO: practical post-quantum signatures from oil-and-vinegar maps. In: AlTawy, R., Hülsing, A. (eds.) SAC 2021. LNCS, vol. 13203, pp. 355–376. Springer, Heidelberg (2022)
Google Scholar
Beullens, W., et al.: Oil and vinegar: modern parameters and implementations. IACR TCHES 2023(3), 321–365 (2023)
Article MATH Google Scholar
Billet, O., Robshaw, M.J.B., Peyrin, T.: On building hash functions from multivariate quadratic equations. In: Pieprzyk, J., Ghodosi, H., Dawson, E. (eds.) ACISP 07. LNCS, vol. 4586, pp. 82–95. Springer, Heidelberg (2007)
Google Scholar
Chaum, D.: Blind signatures for untraceable payments. In: Chaum, D., Rivest, R.L., Sherman, A.T. (eds.) CRYPTO’82, pp. 199–203. Plenum Press, New York, USA (1982)
MATH Google Scholar
Hoang Duong, D., Susilo, W., Tran, H.T.: A multivariate blind ring signature scheme. Comput. J. 63(8), 1194–1202 (2020)
Google Scholar
Juels, A., Luby, M., Ostrovsky, R.: Security of blind digital signatures (extended abstract). In: Burton, S., Kaliski, Jr. (eds.) CRYPTO’97. LNCS, vol. 1294, pp. 150–164. Springer, Heidelberg (1997)
Google Scholar
Kipnis, A., Patarin, J., Goubin, L.: Unbalanced oil and vinegar signature schemes. In: Stern, J. (ed.) EUROCRYPT’99. LNCS, vol. 1592, pp. 206–222. Springer, Heidelberg (1999)
MATH Google Scholar
Omar, S., Padhye, S., Dey, D.: Multivariate partially blind signature scheme. In: Computational Intelligence, pp. 143–155. Springer, Nature (2023)
Google Scholar
Petzoldt, A., Szepieniec, A., Mohamed, M.S.E.: A practical multivariate blind signature scheme. In: Kiayias, A. (ed.) FC 2017. LNCS, vol. 10322, pp. 437–454. Springer, Heidelberg (2017)
Google Scholar

Download references

Acknowledgements

We thank Charles Bouillaguet for pointing out that the algorithm of Sect. 5 is folklore, and providing us with a reference.

Author information

Authors and Affiliations

IBM Research Europe, Rüschlikon, Switzerland
Ward Beullens

Authors

Ward Beullens
View author publications
Search author on:PubMed Google Scholar

Corresponding author

Correspondence to Ward Beullens .

Editor information

Editors and Affiliations

Graz University of Technology, Graz, Austria
Maria Eichlseder
Université du Québec à Montréal, Montreal, QC, Canada
Sébastien Gambs

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Beullens, W. (2025). Multivariate Blind Signatures Revisited. In: Eichlseder, M., Gambs, S. (eds) Selected Areas in Cryptography – SAC 2024. SAC 2024. Lecture Notes in Computer Science, vol 15516. Springer, Cham. https://doi.org/10.1007/978-3-031-82852-2_10

Download citation

DOI: https://doi.org/10.1007/978-3-031-82852-2_10
Published: 13 March 2025
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-82851-5
Online ISBN: 978-3-031-82852-2
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics