Communications in Cryptology IACR CiC
Search requires all terms to appear in the result
Search results for multivariate crypto
  1. Charles Bouillaguet, Julia Sauvage
    Published 2024-04-09 PDFPDF

    Biscuit is a recent multivariate signature scheme based on the MPC-in-the-Head paradigm. It has been submitted to the NIST competition for additional signature schemes. Signatures are derived from a zero-knowledge proof of knowledge of the solution of a structured polynomial system. This extra structure enables efficient proofs and compact signatures. This short note demonstrates that it also makes these polynomial systems easier to solve than random ones. As a consequence, the original parameters of Biscuit failed to meet the required security levels and had to be upgraded.