Chen, M.
, Yang, B.
and Smith-Tone, D.
(2015),
PFLASH - Secure Asymmetric Signatures on Smart Cards, Lightweight Cryptography Workshop 2015, Gaithersburg, MD, US, [online], https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=926103
(Accessed April 27, 2024)
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
PFLASH - Secure Asymmetric Signatures on Smart Cards
Published
Author(s)
Ming-Shing Chen, Bo-Yin Yang,
Abstract
We present PFLASH, an asymmetric digital signature scheme appropriate for smart card use. We present parameters for several security levels in this low resource environment and bootstrap many technical properties (including side-channel resistance) exposed in the evaluation of predecessors of this scheme. PFLASH is a multivariate signature scheme with a specifi c set of parameters. Specifi cally, PFLASH is a pCI- scheme which means that geometrically the scheme can be viewed as a morphism of a monomial permutation, restricting the domain and range to two subspaces of an n-dimensional vector space over a fi nite field Fq. PFLASH is a direct descendent of the SFLASH signature scheme which was recommended by NESSIE in 2003 and subsequently broken in 2007. Since that time we have developed a greater understanding of security for these so called "big fi eld schemes". PFLASH provably resists a large class of attacks on multivariate cryptosystems, a class which includes all known attacks on multivariate cryptosystems. While this doesn't constitute a guarantee of the security of PFLASH, it does imply that any attack on the system will require a fundamental mathematical advance which the scientifi c community has not discovered in the nearly two decades since the first suggestion of pC*- schemes. The performance of PFLASH is comparable to that of its parent SFLASH, being roughly q over 2 times slower. This level of efficiency still makes PFLASH faster than RSA and far easier to implement on a smart card without an arithmetic coprocessor. The public key size is far larger than RSA, but the scheme far outperforms RSA, does not suffer nearly as much to poor random number generation and still fi ts easily on the cheapest smart cards. Optimization of this scheme and simulations in the smart card environment is a continuing project the results of which will be included in the full version of this manuscript.Conference Dates
July 20-21, 2015
Conference Location
Gaithersburg, MD, US
Conference Title
Lightweight Cryptography Workshop 2015
Pub Type
Conferences
Download Paper
Keywords
PFLASH, RSA, SFLASH cryptography, schemes
Citation
Created July 20, 2015, Updated October 12, 2021