All in the XL family: Theory and practice

Lecture Notes in Computer Science

Volumn 3506, Issue , 2005, Pages 67-86

  Yang, Bo Yin ^a   Chen, Jiun Ming ^b  

^a TAMKANG UNIVERSITY   (Taiwan)

^b NATIONAL TAIWAN UNIVERSITY   (Taiwan)

Author keywords

Algebraic analysis; Finite field; Gr bner Bases; Multivariate cryptography; Multivariate quadratics; XL

Indexed keywords

ALGORITHMS; COMPUTATION THEORY; LINEAR ALGEBRA; PROBLEM SOLVING; QUADRATIC PROGRAMMING;

ALGEBRAIC ANALYSIS; FINITE FIELD; GRÖBNER BASES; MULTIVARIATE CRYPTOGRAPHY; MULTIVARIATE QUADRATICS; XL;

PUBLIC KEY CRYPTOGRAPHY;

EID: 24944535234     PISSN: 03029743     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1007/11496618_7     Document Type: Conference Paper

References (60)

1. M. Akkar, N. Courtois, R. Duteuil, and L. Goubin, A Fast and Secure Implementation of SPLASH, PKC 2003, LNCS 2567, pp. 267-278.
2. G. Ars and J.-C. Faugère, H. Imai, M. Kawazoe, and M. Sugita, Comparison of XL and Gröbner Bases Algorithms over Finite Fields, ASIACRYPT'04, LNCS 3329, pp. 338-353.
3. M. Bardet, Étude des systèmes algébriques surdéterminés. Applications aux codes correcteurs et à la cryptographie., Ph.D. thesis, Université Paris 6, 2004.
4. M. Bardet, J.-C. Faugère, and B. Salvy, Complexity of Gröbner Basis Computations for Regular Overdetermined Systems, INRIA Rapport de Recherche No. 5049; a slightly modified preprint is accepted by the International Conference on Polynomial System Solving.
5. M. Bardet, J.-C. Faugère, B. Salvy, and B.-Y. Yang, Asymptotic Complexity of Gröbner Basis Algorithms for Semi-regular Overdetermined Systems over Large Fields, manuscript.
6. B. Barkee et al, Why You Cannot Even Hope to Use Gröbner Bases in Public-Key Cryptography, J. Symbolic Computations, 18 (1994), pp. 497-501.
7. J. R. Bunch and J. E. Hopcroft, Triangular Factorizations and Inversion by Fast Matrix Multiplication, Math. Computations, 24 (1974), pp. 231-236.
8. R. Burden and J. D. Faires, Numerical Analysis, 7th ed., PWS-Kent Publ. Co., 2000.
9. D. Bernstein, Matrix Inversion Made Difficult, preprint, stated to be superseded by a yet unpublished version, available at http://cr.yp.to.
10. L. Caniglia, A. Galligo, and J. Heintz, Some New Effectivity Bounds in Computational Geometry, AAECC-6, 1988, LNCS 357, pp. 131-151.
11. L. Caniglia, A. Galligo, and J. Heintz, Equations for the Protective Closure and Effective Nullstellensatz, Discrete Applied Mathematics, 33 (1991), pp. 11-23.
12. C. Chester, B. Friedman, and F. Ursell, An Extension of the Method of Steepest Descents, Proc. Camb. Philo. Soc. 53 (1957) pp. 599-611.
13. D. Coppersmith, private communication.
14. N. Courtois, The Security of Hidden Field Equations (HFE), CT-RSA 2001, LNCS 2020, pp. 266-281.
15. N. Courtois, Higher-Order Correlation Attacks, XL Algorithm and Cryptanalysis of Toyocrypt, ICISC '02, LNCS 2587, pp. 182-199.
16. N. Courtois, Fast Algebraic Attacks on Stream Ciphers with Linear Feedback, CRYPTO'03, LNCS 2729, pp. 177-194.
17. v2, PKC '04, LNCS 2947, pp. 201-217.
18. N. Courtois, private communication.
19. v3, a Fast Asymmetric Signature Scheme, preprint available at http://eprint.iacr.org/2003/ 211.
20. N. Courtois, A. Klimov, J. Patarin, and A. Shamir, Efficient Algorithms for Solving Overdefined Systems of Multivariate Polynomial Equations, EUROCRYPT 2000, LNCS 1807, pp. 392-407.
21. N. Courtois and J. Pieprzyk, Cryptanalysis of Block Ciphers with Overdefined Systems of Equations, ASIACRYPT 2002, LNCS 2501, pp. 267-287.
22. N. Courtois and J. Patarin, About the XL Algorithm over GF(2), CT-RSA 2003, LNCS 2612, pp. 141-157.
23. J. Daemen and V. Rijmen, The Design of Rijndael, AES - The Advanced Encryption Standard. Springer-Verlag, 2002.
24. C. Diem, The XL-algorithm and a Conjecture from Commutative Algebra, ASIACRYPT'04, LNCS 3329, pp. 323-337 and private communication.
25. W. Diffie and M. Hellman, New Directions in Cryptography, IEEE Trans. Info. Theory, vol. IT-22, 6 (1972), pp. 644-654.
26. v3, eprint.iacr.org/2004/103.
27. I. S. Duff, A. M. Erismann, and J. K. Reid, Direct Methods for Sparse Matrices, published by Oxford Science Publications, 1986.
28. W. Eberly and E. Kaltofen, On Randomized Lanczos Algorithms, Proc. ISSAC '97, pp. 176-183, ACM Press 1997.
29. J.-C. Faugére, A New Efficient Algorithm for Computing Gröbner Bases (F4), Journal of Pure and Applied Algebra, 139 (1999), pp. 61-88.
30. J.-C. Faugère, A New Efficient Algorithm for Computing Gröbner Bases without Reduction to Zero (F5), Proceedings of ISSAC 2002, pp. 75-83, ACM Press 2002.
31. J.-C. Faugère and A. Joux, Algebraic Cryptanalysis of Hidden Field Equations (HFE) Cryptosystems Using Gröbner Bases, CRYPTO 2003, LNCS 2729, pp. 44-60.
32. R. Fröberg, An Inequality for Hubert Series of Graded Algebras, Math. Scand. 56(1985) pp. 117-144.
33. M. Garey and D. Johnson, Computers and Intractability, A Guide to the Theory of NP-completeness, W. H. Freeman New York 1979.
34. v2, 3rd NESSIE Workshop, 2002.
35. H.-K. Hwang, Asymptotic estimates of elementary probability distributions, Studies in Applied Mathematics, 99:4 (1997), pp. 393-417.
36. R. Hartshorne, Algebraic Geometry, Springer-Verlag, 1977.
37. A. Kipnis and A. Shamir, Cryptanalysis of the HFE Public Key Cryptosystem by Relinearization, CRYPTO'99, LNCS 1666, pp. 19-30.
38. B. LaMacchia and A. Odlyzko, Solving Large Sparse Linear Systems over Finite Fields, CRYPTO'90, LNCS 537, pp. 109-133.
39. S. Lang, Algebra (3rd edition), Addison-Wesley, 1993.
40. D. Lazard, Gröbner Bases, Gaussian Elimination and Resolution of Systems of Algebraic Equations, EUROCAL '83, LNCS 162, pp. 146-156.
41. C. McGeoch, "Veni, Divisi, Vici", Appearing in the "Computer Science Sampler" column of the Amer. Math. Monthly, May 1995.
42. The MAGMA project, University of Sydney, see http://magma.maths.usyd.edu. au/users/allan/gb
43. T. Matsumoto and H. Imai, Public Quadratic Polynomial-Tuples for Efficient Signature-Verification and Message-Encryption, EUROCRYPT'88, LNCS 330, pp. 419-453.
44. T. Moh, On The Method of XL and Its Inefficiency Against TTM, available at http://eprint.iacr.org/2001/047
45. S. Murphy and M. Robshaw, Essential Algebraic Structures Within the AES, CRYPTO 2002, LNCS 2442, pp. 1-16.
46. S. Murphy and M. Robshaw, Comments on the Security of the AES and the XSL Technique, preprint available from the authors http://www.isg.rhul.ac.uk/~sean/
47. NESSIE Security Report, V2.0, available at http://www.cryptonessie.org
48. J. Patarin, Hidden Fields Equations (HFE) and Isomorphisms of Polynomials (IP): Two New Families of Asymmetric Algorithms, EUROCRYPT'96, LNCS 1070, pp. 33-48.
49. -+* and HM: Variations Around Two Schemes of T. Matsumoto and H. Imai, ASIACRYPT'98, LNCS 1514, pp. 35-49.
50. J. Patarin, N. Courtois, and L. Goubin, QUARTZ, 128-Bit Long Digital Signatures, CT-RSA 2001, LNCS 2020, pp. 282-297. Update at http://www. cryptonessie.org
51. v2 available at http://www.cryptonessie.org
52. R. Stanley, Enumerative Combinatorics, vol. 1, second printing 1996; vol. 2 in 1999. Both published by Cambridge University Press, Cambridge.
53. V. Strassen, Gaussian Elimination is not Optimal, Numer. Math. 13 (1969) pp. 354-356.
54. M. Sugita, M. Kawazoe, and H. Imai, Relation between XL algorithm and Groebner Bases Algorithms, preprint, http://eprint.iacr.org/2004/112. Part of this merged with [2].
55. G. Szegö, Orthogonal Polynomials, 4th ed., publ.: American Math. Society, Providence.
56. D. Wiedemann, Solving Sparse Linear Equations over Finite Fields, IEEE Transaction on Information Theory, v. IT-32 (1976), no. 1, pp. 54-62.
57. R. Wong, Asymptotic Approximations of Integrals, Academic Press, San Diego, 1989.
58. B.-Y. Yang and J.-M. Chen, Theoretical Analysis of XL over Small Fields, ACISP 2004, LNCS 3108, pp. 277-288.
59. B.-Y. Yang, J.-M. Chen, and N. Courtois, On Asymptotic Security Estimates in XL and Gröbner Bases-Related Algebraic Cryptanalysis, ICICS '04, LNCS 3269, pp. 401-413.
60. Formerly titled Exact and Asymptotic Behavior of XL-Related Methods.