QUAD: A multivariate stream cipher with provable security

Journal of Symbolic Computation

Volumn 44, Issue 12, 2009, Pages 1703-1723

  Berbain, Côme ^a   Gilbert, Henri ^a   Patarin, Jacques ^b  

^a ORANGE LABS   (France)

^b LABORATOIRE DES SCIENCES DU CLIMAT ET DE L ENVIRONNEMENT   (France)

Author keywords

Gr bner basis computation; MQ problem; Provable security; Stream cipher

Indexed keywords

EID: 69849085994     PISSN: 07477171     EISSN: None     Source Type: Journal    
DOI: 10.1016/j.jsc.2008.10.004     Document Type: Article

References (41)

1. Arditti D., Berbain C., Billet O., and Gilbert H. Compact FPGA Implementations of QUAD. ASIACCS (2007), ACM
2. Bardet, M., 2004. Étude des systèmes algébriques surdéterminés. Applications aux codes correcteurs et à la cryptographie. Ph.D. Thesis. Université Paris VI
3. Bellare, M., 1999. The Goldreich-Levin Theorem. Available from URL: http://www-cse.ucsd.edu/users/mihir/courses.html
4. Berbain, C., 2007. Analyse et conception d'algorithmes de chiffrement à flot. Ph.D. Thesis. Université Paris VII
5. Berbain C., Billet O., and Gilbert H. Efficient implementations of multivariate quadratic systems. Selected Areas in Cryptography-SAC 2006. Lecture Notes in Computer Science (2006), Springer-Verlag
6. Berbain C., and Gilbert H. On the security of I V dependent stream ciphers. In: Biryukov A. (Ed). FSE. Lecture Notes in Computer Science (2007), Springer-Verlag
7. Berbain C., Gilbert H., and Patarin J. QUAD: A practical stream cipher with provable security. In: Vaudenay S. (Ed). Advances in Cryptology - EUROCRYPT 2006. Lecture Notes in Computer Science (2006), Springer-Verlag
8. Blum L., Blum M., and Shub M. A simple unpredictable pseudo-random number generator. SIAM J. Comput. 15 2 (1986) 364-383
9. Blum M., and Micali S. How to generate cryptographically strong sequences of pseudo-random bits. SIAM J. Comput. 13 4 (1984) 850-864
10. Boneh, D., Halevi, S., Howgrave-Graham, N., 2001. The modular inversion hidden number problem, In: ASIACRYPT, pp. 36-51
11. Buchberger, B., 1965. Ein Algorithmus zum Auffinden der Basiselemente des Restklassenringes nach einem nulldimensionalen Polynomideal (An algorithm for finding the basis elements in the residue class ring modulo a zero dimensional polynomial ideal). Ph.D. Thesis. Mathematical Institute, University of Innsbruck, Austria
12. Cannière, C.D., Preneel, B., 2005. Trivium: Specifications. eSTREAM, ECRYPT Stream Cipher Project, Report 2005/001. Available at: http://www.ecrypt.eu.org/stream
13. Courtois, N., Goubin, L., Meier, W., Tacier, J.-D., 2002. Solving underdefined systems of multivariate quadratic equations, In: Public Key Cryptography, pp. 211-227
14. Courtois N., Klimov A., Patarin J., and Shamir A. Efficient algorithms for solving overdefined systems of multivariate polynomial equations. In: Preneel B. (Ed). Advances in Cryptology - EUROCRYPT 2000. Lecture Notes in Computer Science vol. 1807 (2000), Springer-Verlag 392-407
15. Courtois N., and Patarin J. About the XL algorithm over G F (2). In: Joye M. (Ed). Topics in Cryptology - CT-RSA 2003. Lecture Notes in Computer Science vol. 2612 (2003), Springer-Verlag 141-157
16. Ekdahl P., and Johansson T. A new version of the stream cipher SNOW. In: Nyberg K., and Heys H.M. (Eds). Proceedings of Selected Areas in Cryptography - SAC'02. LNCS vol. 2595 (2002), Springer
17. Faugère J.-C. A new efficient algorithm for computing Gröbner bases (F4). J. Pure Appl. Algebra (1999)
18. Faugère J.-C., Imai H., Kawazoe M., Sugita M., and Ars G. Comparison between XL and Groebner basis algorithms. In: Lee P.J. (Ed). Advances in Cryptology - ASIACRYPT 2004. Lecture Notes in Computer Science vol. 3329 (2004), Springer-Verlag 338-353
19. Fischer, J.-B., Stern, J., 1996. An Efficient Pseudo-random generator provably as secure as syndrome decoding, In: EUROCRYPT, pp. 245-255
20. Fraenkel A.S., and Yesha Y. Complexity of solving algebraic equations. Inform. Process. Lett. 10 4/5 (1980) 178-179
21. Garey M.R., and Johnson D.S. Algebraic equations over G F (2). Computers and Intractability: A Guide to the Theory of NP-Completeness (1979), W H Freeman & Co (Chapter 7.2)
22. Goldreich O. The Foundations of Cryptography - Volume 1 (2001), Cambridge University Press
23. Goldreich O., Goldwasser S., and Micali S. How to construct random functions. J. ACM 33 4 (1986) 792-807
24. Goldreich O., and Krawczyk H. Sparse pseudorandom distributions. In: Brassard G. (Ed). Advances in Cryptology - CRYPTO '89. Lecture Notes in Computer Science vol.435 (1989), Springer-Verlag 113-127
25. Goldreich O., and Levin L.A. A hard-core predicate for all one-way functions. In: Johnson D.S. (Ed). 21th ACM Symposium on Theory of Computing-STOC '89 (1989), ACM Press 25-32
26. Goldreich, O., Rubinfeld, R., Sudan, M., 1995. Learning polynomials with queries: The highly noisy case, In: FOCS, pp. 294-303
27. Goldwasser, S., Bellare, M., 2001. Lecture Notes on Cryptography. Available at: http://www-cse.ucsd.edu/users/mihir/courses.html
28. Halevi S., Coppersmith D., and Jutla C.S. Scream: A software-efficient stream cipher. In: Daemen J., and Rijmen V. (Eds). Fast Software Encryption - FSE 2002. Lecture Notes in Computer Science vol. 2365 (2002), Springer-Verlag 195-209
29. Håstad J., Impagliazzo R., Levin L.A., and Luby M. A pseudorandom generator from any one-way function. SIAM J. Comput. 28 4 (1999) 1364-1396
30. Håstad, J., Näslund, M., 2000. BMGL: Synchronous keystream generator with provable security (submitted to Nessie Project)
31. Hell, M., Johansson, T., Meier, W., 2005. Grain - A stream cipher for constrained environments. ECRYPT Stream Cipher Project Report 2005/001. http://www.ecrypt.eu.org/stream
32. Impagliazzo R., and Naor M. Efficient cryptographic schemes provably as secure as subset sum. J. Crypt. 9 4 (1996) 199-216
33. Kipnis, A., Patarin, J., Goubin, L., 1999. Unbalanced oil and vinegar signature schemes. In: Stern, J. (Ed.), Advances in Cryptology - EUROCRYPT '99, vol. 1592. Springer, pp. 206-222
34. Lidl R., and Niederreiter H. Finite Fields (1997), Cambridge University Press
35. Patarin, J., 1996. Hidden fields equations (HFE) and isomorphisms of polynomials (IP): Two new families of asymmetric algorithms. In: Maurer, U.M. (Ed.), Advances in Cryptology - EUROCRYPT'96, vol. 1070. Springer, pp. 33-48
36. Patarin, J., Goubin, L., 1997. Asymmetric cryptography with S-Boxes, In: ICICS, pp. 369-380
37. Rivest R. The RC4 Encryption Algorithm (1992), RSA Security Inc.
38. Shamir, A., 1981. On the generation of cryptographically strong pseudo-random sequences. In: ICALP, pp. 544-550
39. Steinfeld, R., Pieprzyk, J., Wang, H., 2006. On the provable security of an efficient RSA-based pseudorandom generator, In: ASIACRYPT, pp.194-209
40. Yang B.-Y., Chen O.C.-H., Bernstein D.J., and Chen J.-M. Analysis of QUAD. In: Biryukov A. (Ed). FSE. Lecture Notes in Computer Science (2007), Springer-Verlag
41. Yao, A., 1982. Theory and applications of trapdoor function. In: Foundations of Cryptography FOCS 1982