Bypassing the decomposition attacks on two-round multivariate schemes by a practical cubic round

IET Information Security

Volumn 4, Issue 3, 2010, Pages 167-184

  Zhao, X ^a   Feng, D ^a  

^a INSTITUTE OF SOFTWARE   (China)

Author keywords

[No Author keywords available]

Indexed keywords

HIGHER-DEGREE; KEY SIZES; MULTIVARIATE PUBLIC KEY CRYPTOSYSTEM; MULTIVARIATE SCHEMES; POTENTIAL ATTACK; PUBLIC KEYS; ROUND STRUCTURE;

PUBLIC KEY CRYPTOGRAPHY;

EID: 77957112474     PISSN: 17518709     EISSN: 17518717     Source Type: Journal    
DOI: 10.1049/iet-ifs.2007.0110     Document Type: Article

References (60)

1. Shamir, A.: ' Efficient signature schemes based on birational permutations ', Proc. CRYPTO'93, Santa Barbara, CA, USA, August, 1993, p. 1-12, (LNCS, 773)
2. Matsumoto, T., and Imai, H.: ' Public quadratic polynomial-tuples for efficient signature-verification and message encryption ', Proc. EUROCRYPT'88, Davos, Switzerland, May, 1988, p. 419-453, (LNCS, 330)
3. Moh, T.: ' A public key system with signature and master key functions ', Commun. Algebr., 1999, 27, (5), p. 2207-2222
4. Patarin, J.: ' Hidden fields equations (HFE) and isomorphisms of polynomial (IP): two new families of asymmetric algorithms ', Proc. EUROCRYPT'96, Saragossa, Spain, May, 1996, p. 33-48, (LNCS, 1070)
5. Patarin, J.: ' The oil and vinegar signature scheme ', Presented at the Dagstuhl Workshop on Cryptography, September, 1997
6. Shor, P.W.: ' Polynomial-time algorithms for prime factorization and discrete logarithms on a quantum computer ', SIAM J. Comput., 1997, 26, (5), p. 1484-1509 0097-5397
7. Coppersmith, D., Stern, J., and Vaudenay, S.: ' Attacks on the birational permutation signature schemes ', Proc. CRYPTO'93, Santa Barbara, CA, USA, August, 1993, p. 435-443, (LNCS, 773)
8. Kipnis, A., and Shamir, A.: ' Cryptanalysis of the HFE public key cryptosystem by relinearization ', Proc. CRYPTO'99, Santa Barbara, CA, USA, August, 1999, p. 19-30, (LNCS, 1666)
9. Courtois, N.: ' The security of hidden field equations (HFE) ', Proc. CT-RSA'01, San Francisco, CA, USA, April, 2001, p. 266-281, (LNCS, 2020)
10. Goubin, L., and Courtois, N.: ' Cryptanalysis of the TTM cryptosystem ', Proc. ASIACRYPT'00, Kyoto, Japan, December, 2000, p. 44-57, (LNCS, 1976)
11. Patarin, J.: ' Cryptanalysis of the Matsumoto and Imai public key scheme of Eurocrypt'88 ', Proc. CRYPTO'95, Santa Barbara, CA, USA, August, 1995, p. 248-261, (LNCS, 963)
12. Courtois, N., Klimov, A., Patarin, J., and Shamir, A.: ' Efficient algorithms for solving overdefined systems of multivariate polynomial equations ', Proc. EUROCRYPT'00, Bruges, Belgium, May, 2000, p. 392-407, (LNCS, 1807)
13. Kipnis, A., and Shamir, A.: ' Cryptanalysis of the oil & vinegar signature scheme ', Proc. CRYPTO'98, Santa Barbara, CA, USA, August, 1998, p. 257-267, (LNCS, 1462)
14. -+and HM: variations around two schemes of T. Matsumoto and H. Imai ', Proc. ASIACRYPT'98, Beijing, China, October, 1998, p. 35-50, (LNCS, 1514)
15. Kipnis, A., Patarin, J., and Goubin, L.: ' Unbalanced oil and vinegar signature scheme ', Proc. EUROCRYPT'99, Prague, Czech, May, 1999, p. 206-222, (LNCS, 1592)
16. Patarin, J., Courtois, N., and Goubin, L.: ' FLASH, a fast multivariate signature Algorithm ', Proc. CT-RSA'01, San Francisco, CA, USA, April, 2001, p. 298-307, (LNCS, 2020)
17. ' SFLASH, a fast asymmetric signature scheme ', IACR Cryptology ePrint Archive: report 2003/211, available at: http://www.eprint.iacr.org, 2003
18. https://www.cosic.esat.kuleuven.be/nessie/, accessed September 2007
19. Dubois, V., Fouque, P.-A., and Stern, J.: ' Cryptanalysis of SFLASH with slightly modified parameters ', Proc. EUROCRYPT'07, Barcelona, Spain, May, 2007, p. 264-275, (LNCS, 4515)
20. Dubois, V., Fouque, P.-A., and Shamir, A.: ' Practical cryptanalysis of SFLASH ', Proc. CRYPTO'07, Santa Barbara, CA, USA, August, 19-23, 2007, p. 1-12, (LNCS, 4622)
21. Ding, J.: ' A new variant of the Matsumoto-Imai cryptosystem through perturbation ', Proc. PKC'04, Singapore, March, 2004, p. 305-318, (LNCS, 2947)
22. Patarin, J., and Goubin, L.: ' Asymmetric cryptography with S-boxes ', Proc. ICICS'97, Beijing, China, November, 1997, p. 369-380, (LNCS, 1334)
23. Ye, D., Lam, K., and Dai, Z.: ' Cryptanalysis of "2R" schemes ', Proc. CRYPTO'99, Santa Barbara, CA, USA, August, 1999, p. 315-325, (LNCS, 1666)
24. Ye, D., Dai, Z., and Lam, K.: ' Decomposing attacks on asymmetric cryptography based on mapping composition ', J. Cryptol., 2001, 14, (2), p. 137-150 0933-2790
25. Patarin, J., and Goubin, L.: ' Asymmetric cryptography with S-boxes (extended version) ', Available at: http://citeseerx.ist.psu.edu
26. Faugère, J.-C., and Perret, L.: ' Cryptanalysis of 2R- schemes ', Proc. CRYPTO'06, Santa Barbara, CA, USA, August, 2006, p. 357-372, (LNCS, 4117)
27. Faugère, J.-C., Levy-Dit-Vehel, F., and Perret, L.: ' Cryptanalysis of MinRank ', Proc. CRYPTO'08, Santa Barbara, CA, USA, August, 2008, p. 280-296, (LNCS, 5157)
28. Yang, B.Y., and Chen, J.M.: ' Building secure tame-like multivariate public-key cryptosystems: the new TTS ', Proc. ACISP'05, Brisbane, Australia, July, 2005, p. 518-531, (LNCS, 3574)
29. Wolf, C., Braeken, A., and Preneel, B.: ' On the security of stepwise triangular systems ', Des. Codes Cryptogr., 2006, 40, (3), p. 285-302 10.1007/s10623-006-0015-5 0925-1022 (Pubitemid 44259578)
30. Biham, E.: ' Cryptanalysis of Patarin's 2-round public key system with S boxes (2R) ', Proc. EUROCRYPT'00, Bruges, Belgium, May, 2000, p. 408-416, (LNCS, 1807)
31. ' Cryptanalysis of an implementation scheme of TTM ', IACR Cryptology ePrint Archive, report 2003/084, 2003, available at: http://www.eprint.iacr.org
32. ' A defect of the implementation schemes of the TTM cryptosystem ', IACR Cryptology ePrint Archive, report 2003/086, 2003, available at: http://www.eprint.iacr.org
33. Nie, X., Hu, L., Li, J., Updegrove, C., and Ding, J.: ' Breaking a new instance of TTM cryptosystems ', Proc. ACNS'06, Singapore, June, 2006, p. 210-225, (LNCS, 3989)
34. Ding, J., Hu, L., Nie, X., Li, J., and Wagner, J.: ' High order linearization equation (HOLE) attack on multivariate public key cryptosystems ', Proc. PKC'07, Beijing, China, April, 2007, p. 233-248, (LNCS, 4450)
35. ' Cryptanalysis of two new instances of TTM cryptosystem ', IACR Cryptology ePrint Archive, report 2007/381, 2007, available at: http://www.eprint.iacr.org
36. http://magma.maths.usyd.edu.au/users/allan/gb/, accessed April 2008
37. Faugère, J.-C., and Joux, A.: ' Algebraic cryptanalysis of hidden field equation (HFE) cryptosystems using Gröbner bases ', Proc. CRYPTO'03, Santa Barbara, CA, USA, August, 2003, p. 44-60, (LNCS, 2729)
38. Fouque, P., Granboulan, L., and Stern, J.: ' Differential cryptanalysis for multivariate schemes ', Proc. EUROCRYPT'05, Aarhus, Denmark, May, 2005, p. 341-535, (LNCS, 3494)
39. Jakobsen, T., and Knudsen, L.R.: ' The interpolation attack on block ciphers ', Proc. FSE'97, Haifa, Israel, January, 1997, p. 28-40, (LNCS, 1267)
40. Jakobsen, T.: ' Cryptanalysis of block ciphers with probabilistic non-linear relations of low degree ', Proc. CRYPTO'98, Santa Barbara, CA, USA, August, 1998, p. 212-222, (LNCS, 1462)
41. Kurosawa, K., Iwata, T., and Quang, V.D.: ' Root finding interpolation attack ', Proc. SAC'00, Waterloo, Ontario, Canada, August, 2000, p. 303-314, (LNCS, 2012)
42. Moriai, S., Shimoyama, T., and Kaneko, T.: ' Interpolation attacks of the block cipher: SNAKE ', Proc. FSE'99, Rome, Italy, March, 1999, p. 275-289, (LNCS, 1636)
43. Youssef, A.M., and Gong, G.: ' On the interpolation attacks on block ciphers ', Proc. FSE'00, New York, NY, USA, April, 2000, p. 109-120, (LNCS, 1978)
44. Clausen, M., Dress, A., Grabmeier, J., and Karpinski, M.: ' On zero-testing and interpolation of k-sparse multivariate polynomials over finite fields ', Theor. Comput. Sci., 1991, 84, (2), p. 151-164 0304-3975
45. Grigoriev, D.Y., Karpinski, M., and Singer, M.F.: ' Fast parallel algorithms for sparse multivariate polynomial interpolation over finite fields ', SIAM J. Comput., 1990, 19, (6), p. 1059-1063 0097-5397
46. Dür, A., and Grabmeier, J.: ' Applying coding theory to sparse interpolation ', SIAM J. Comput., 1993, 22, (4), p. 695-704 0097-5397
47. Huang, M.-D., and Rao, A.J.: ' Interpolation of sparse multivariate polynomials over large finite fields with applications ', Proc. Seventh Ann. ACM-SIAM Symp. on Discrete Algorithms, Atlanta, Georgia, USA, January, 1996, p. 508-517
48. Dinur, I., and Shamir, A.: ' Cubic attacks on tweakable black box polynomials ', Proc. EUROCRYPT'09, Cologne, Germany, April, 2009, p. 278-299, (LNCS, 5479)
49. Lenstra, A.K.: ' Factoring multivariate polynomials over algebraic number fields ', SIAM J. Comput., 1987, 16, (3), p. 591-598 0097-5397
50. Billet, O., and Gilbert, H.: ' A traceable block cipher ', Proc. ASIACRYPT'03, Taipei, Taiwan, November, 2003, p. 331-346, (LNCS, 2894)
51. ' Building instances of TTM immune to the Goubin-Courtois attack and Ding-Schmidt attack ', IACR Cryptology ePrint Archive, report 2004/168, 2006, available at: http://www.eprint.iacr.org
52. Wang, L.-C., Yang, B.-Y., Hu, Y.-H., and Lai, F.: ' A medium field multivariate encryption scheme ', Proc. CT-RSA'06, San Jose, CA, USA, February, 2006, p. 132-149, (LNCS, 3860)
53. ' Two new examples of TTM ', IACR Cryptology ePrint Archive, report 2007/144, 2007, available at: http://www.eprint.iacr.org
54. 4) ', J. Pure Appl. Algebra, 1999, 139, (1-3), p. 61-88
55. 5) ', Proc. ISSAC'02, Lille, France, July, 2002, p. 75-83
56. Ars, G., Faugère, J.-C., Imai, H., Kawazoe, M., and Sugita, M.: ' Comparison between XL and Gröbner basis algorithms ', Proc. ASIACRYPT'04, Jeju Island, Korea, December, 2004, p. 338-353, (LNCS, 3329)
57. Patarin, J.: ' Hidden fields equations (HFE) and isomorphisms of polynomial (IP): two new families of asymmetric algorithms (extended version) ', Available at: http://citeseerx.ist.psu.edu
58. Courtois, N.: ' Higher order correlation attacks, XL algorithm and cryptanalysis of Toyocrypt ', Proc. ICISC'02, Seoul, Korea, November, 2002, p. 182-199, (LNCS, 2587)
59. Cox, D., Little, J., and O'shea, D.: ' Ideals, varieties and algorithms: an introduction to computational algebraic geometry and communicative algebra ', 2nd (Springer-Verlag, 1991)
60. Ben-Or, M., and Tiwari, P.: ' A deterministic algorithm for sparse multivariate polynomial interpolation ', Proc. 20th ACM Symp. on Theory of Computing, Chicago, IL, USA, May, 1998, p. 301-309