International Association for Cryptologic Research

International Association
for Cryptologic Research

CryptoDB

Tsuyoshi Takagi

Publications

Year
Venue
Title
2021
ASIACRYPT
A New Variant of Unbalanced Oil and Vinegar Using Quotient Ring: QR-UOV 📺
The unbalanced oil and vinegar signature scheme (UOV) is a multivariate signature scheme that has essentially not been broken for over 20 years. However, it requires the use of a large public key; thus, various methods have been proposed to reduce its size. In this paper, we propose a new variant of UOV with a public key represented by block matrices whose components correspond to an element of a quotient ring. We discuss how it affects the security of our proposed scheme whether or not the quotient ring is a field. Furthermore, we discuss their security against currently known and newly possible attacks and propose parameters for our scheme. We demonstrate that our proposed scheme can achieve a small public key size without significantly increasing the signature size compared with other UOV variants. For example, the public key size of our proposed scheme is 85.8 KB for NIST's Post-Quantum Cryptography Project (security level 3), whereas that of compressed Rainbow is 252.3 KB, where Rainbow is a variant of UOV and is one of the third-round finalists of the NIST PQC project.
2020
ASIACRYPT
SiGamal: A supersingular isogeny-based PKE and its application to a PRF 📺
Tomoki Moriya Hiroshi Onuki Tsuyoshi Takagi
We propose two new supersingular isogeny-based public key encryptions: SiGamal and C-SiGamal. They were developed by giving an additional point of the order $2^r$ to CSIDH. SiGamal is similar to ElGamal encryption, while C-SiGamal is a compressed version of SiGamal. We prove that SiGamal and C-SiGamal are IND-CPA secure without using hash functions under a new assumption: the P-CSSDDH assumption. This assumption comes from the expectation that no efficient algorithm can distinguish between a random point and a point that is the image of a public point under a hidden isogeny. Next, we propose a Naor-Reingold type pseudo random function (PRF) based on SiGamal. If the P-CSSDDH assumption and the CSSDDH$^*$ assumption, which guarantees the security of CSIDH that uses a prime $p$ in the setting of SiGamal, hold, then our proposed function is a pseudo random function. Moreover, we estimate that the computational costs of group actions to compute our proposed PRF are about $\sqrt{\frac{8T}{3\pi}}$ times that of the group actions in CSIDH, where $T$ is the Hamming weight of the input of the PRF. Finally, we experimented with group actions in SiGamal and C-SiGamal. The computational costs of group actions in SiGamal-512 with a $256$-bit plaintext message space were about $2.62$ times that of a group action in CSIDH-512.
2016
EUROCRYPT
2014
PKC
2012
ASIACRYPT
2010
PKC
2006
ASIACRYPT
2005
CHES
2004
CRYPTO
2004
PKC
2003
ASIACRYPT
2003
ASIACRYPT
2003
ASIACRYPT
2003
CHES
2003
PKC
2002
PKC
2002
PKC
2000
JOFC
1999
ASIACRYPT
1999
CHES
1998
CRYPTO
1998
EUROCRYPT
1997
CRYPTO

Program Committees

Asiacrypt 2017 (Program chair)
Asiacrypt 2016 (Program chair)
Asiacrypt 2015
PKC 2013
Asiacrypt 2013
Crypto 2012
CHES 2011 (Program chair)
CHES 2010
PKC 2008
CHES 2007
Asiacrypt 2007
CHES 2005
CHES 2004
CHES 2003