Rainbow - Quantum-Safe Digital Signatures

Rainbow is a multivariate-based digital signature algorithm designed to be secure against quantum computer attacks.

Security Notice: In 2022, researchers discovered attacks against Rainbow that break its security. While this page is provided for educational purposes, Rainbow is no longer recommended for secure applications. Please consider using other post-quantum algorithms like Dilithium, Falcon, or SPHINCS+ instead.

Key Generation

Generate a Rainbow key pair for signing and verification

Key generation may take several seconds due to the complexity of the algorithm. Rainbow has large public keys (several hundred KB).

Sign File

Upload a file and sign it with your private key

Verify Signature

Verify a file's signature using the signer's public key

Paste the signature or upload a signature file

About Rainbow

Rainbow is a multivariate-based digital signature algorithm that was a finalist in the third round of the NIST Post-Quantum Cryptography standardization process. It is based on the Oil and Vinegar signature scheme with multiple layers.

Security Status

In February 2022, researchers Ward Beullens published an attack that breaks Rainbow's security. The attack uses techniques from algebraic geometry to efficiently recover the private key from the public key. As a result, Rainbow is no longer considered secure for cryptographic applications.

This page is maintained for educational purposes only. For secure post-quantum cryptography, please use NIST-recommended algorithms like Dilithium, Falcon, or SPHINCS+.

Key Features (Historical):
  • Type: Multivariate-based digital signature algorithm
  • Security Basis: Hardness of solving systems of multivariate quadratic equations (MQ problem)
  • Signature Size: Very small signatures (typically 66-204 bytes)
  • Public Key Size: Large public keys (161-1.7 MB depending on parameter set)
  • Performance: Fast signing and verification operations
How Rainbow Works (Conceptual Overview):
  1. Key Generation:
    • Generate a set of secret multivariate quadratic polynomials with a special structure (Oil and Vinegar)
    • Apply secret linear transformations to these polynomials
    • The public key consists of the transformed polynomials
    • The private key consists of the original polynomials and the transformations
  2. Signing:
    • Hash the message to a fixed-length digest
    • Use the private key to find a solution to the system of equations where the output equals the digest
    • This solution is the signature
  3. Verification:
    • Hash the message to get the same digest
    • Evaluate the public polynomials at the signature point
    • Check if the result matches the message digest
Historical Advantages:
Feature Advantage
Signature Size Very small signatures compared to other post-quantum algorithms
Performance Fast signing and verification operations
Mathematical Diversity Based on different mathematical principles than other post-quantum approaches
The Attack (2022):

The attack that broke Rainbow uses techniques from algebraic geometry:

  • The attack exploits the specific structure of the Rainbow public key
  • It uses the fact that certain algebraic properties of the Oil and Vinegar construction can be detected in the public key
  • The attack can recover the private key from the public key in a matter of hours on a standard computer
  • This makes Rainbow unsuitable for cryptographic applications
Lessons Learned:
  • Cryptographic Diversity: The failure of Rainbow highlights the importance of having multiple post-quantum approaches
  • Cryptanalysis Value: Demonstrates the value of continued cryptanalysis of candidate algorithms
  • Mathematical Foundations: Shows that seemingly secure mathematical problems can sometimes have unexpected weaknesses
Note: While Rainbow is no longer secure, research in multivariate cryptography continues. Future multivariate schemes may address the weaknesses discovered in Rainbow and provide secure alternatives.