Cryptanalysis of HFE, multi-HFE and variants for odd and even characteristic

Designs, Codes, and Cryptography

Volumn 69, Issue 1, 2013, Pages 1-52

  Bettale, Luk ^a   Faugère, Jean Charles ^a   Perret, Ludovic ^a  

^a UNIVERSITÉ PIERRE ET MARIE CURIE   (France)

Author keywords

Gr bner bases; Hidden field equations; MinRank

Indexed keywords

CHARACTERISTIC 2; COMPLEXITY RESULTS; EXTENSION FIELD; HIDDEN FIELD EQUATIONS; MINRANK; MULTIVARIATE QUADRATIC SYSTEMS; MULTIVARIATE SCHEMES; PROOF OF CONCEPT;

COMPUTER APPLICATIONS; MATHEMATICAL TECHNIQUES;

RECOVERY;

EID: 84879688211     PISSN: 09251022     EISSN: None     Source Type: Journal    
DOI: 10.1007/s10623-012-9617-2     Document Type: Article

References (48)

1. Adams W.W., Loustaunau P.: An Introduction to Gröbner Bases, Graduate Studies in Mahematics, vol. 3. AMS, Providence (1994)
2. Bardet M., Faugère J.C., Salvy B.: On the complexity of Gröbner basis computation of semi-regular overdetermined algebraic equations. In: Proceedings of International Conference on Polynomial System Solving (ICPSS), pp. 71-75 (2004).
3. Bardet M., Faugère J.C., Salvy B., Yang B.Y.: Asymptotic behaviour of the degree of regularity of semi-regular polynomial systems. In: Proceedings of MEGA 2005, Eighth International Symposium on Effective Methods in Algebraic Geometry (2005).
4. Bettale L., Faugère J.C., Perret L.: Hybrid approach for solving multivariate systems over finite fields. J. Math. Cryptol. 177-197 (2009).
5. Bettale L., Faugère J.C., Perret L.: Cryptanalysis of multivariate and odd-characteristic hfe variants. In: Public Key Cryptography - PKC 2011. Lecture Notes in Computer Science, vol. 6571, pp. 441-458. Springer, Berlin (2011).
6. Billet O., Patarin J., Seurin Y.: Analysis of intermediate field systems. In: SCC 2008 (2008).
7. Bogdanov A., Eisenbarth T., Rupp A., Wolf C.: Time-area optimized public-key engines: MQ-cryptosystems as replacement for elliptic curves? In: Cryptographic Hardware and Embedded Systems - CHES '08, LNCS, pp. 45-61 (2008).
8. Bosma W., Cannon J.J., Playoust C.: The Magma algebra system I: the user language. J. Symb. Comput. 24(3-4), 235-265 (1997)
9. Buchberger B.: Ein algorithmus zum auffinden der basiselemente des restklassenringes nach einem nulldimensionalen polynomideal. PhD thesis, University of Innsbruck (1965).
10. Buchberger B.: Bruno buchberger's phd thesis 1965: an algorithm for finding the basis elements of the residue class ring of a zero dimensional polynomial ideal. J. Symb. Comput. 41(3-4), 475-511 (2006)
11. Buchberger B.: Comments on the translation of my phd thesis. J. Symb. Comput. 41(3-4), 471-474 (2006)
12. Buss W., Frandsen G., Shallit J.: The computational complexity of some problems of linear algebra. J. Comput. Syst. Sci. (1999).
13. Chen C.H.O., Chen M.S., Ding J., Werner F., Yang B.Y.: Odd-char multivariate hidden field equations. Cryptology ePrint Archive (2008) http://eprint.iacr.org/2008/543.
14. Chen A.I.T., Chen M.S., Chen T.R., Cheng C.M., Ding J., Kuo E.L.H., Lee F.Y.S., Yang B.Y.: SSE implementation of multivariate PKCs on modern x86 CPUs. In: Cryptographic Hardware and Embedded Systems - CHES 2009, Lecture Notes in Computer Science, vol. 5747, pp. 33-48. Springer, Berlin (2009).
15. Courtois N.T.: Efficient zero-knowledge authentication based on a linear algebra problem MinRank. In: Advances in Cryptology - ASIACRYPT 2001, Lecture Notes in Computer Science, vol. 2248, pp. 402-421. Springer, Berlin (2001).
16. Courtois N., Goubin L.: Cryptanalysis of the TTM cryptosystem. In: Advances in Cryptology - ASIACRYPT '00, Lecture Notes in Computer Science, vol. 1976, pp. 44-57. Springer, Berlin (2000).
17. Cox D.A., Little J.B., O'Shea D.: Ideals, Varieties and Algorithms. Sringer, Berlin (2005)
18. DeMillo R., Lipton R.: A probabilistic remark on algebraic program testing. Inf. Process. Lett. 7(4), 192-194 (1978)
19. Ding J., Hodges T.J.: Inverting HFE systems is quasi-polynomial for all fields. In: Rogaway P. (ed.) CRYPTO, Lecture Notes in Computer Science, vol. 6841, pp. 724-742. Springer, Berlin (2011).
20. Ding J., Schmidt D., Werner F.: Algebraic attack on HFE revisited. In: Information Security, Lecture Notes in Computer Science, vol. 5222, pp. 215-227. Springer, Berlin (2008).
21. Dubois V., Gama N.: The degree of regularity of HFE systems. In: Advances in Cryptology - ASIACRYPT 2011, Lecture Notes in Computer Science, vol. 6477, pp. 557-576. Springer, Berlin (2011).
22. Faugère J.C.: A new efficient algorithm for computing Gröbner bases (F4). J. Pure Appl. Algebra 139, 61-88 (1999)
23. Faugère J.C.: A new efficient algorithm for computing Gröbner bases without reduction to zero (F5). In: Proceedings of the 2002 International Symposium on Symbolic and Algebraic Computation ISSAC, pp. 75-83. ACM Press (2002).
24. Faugère J.C.: Algebraic cryptanalysis of HFE using Gröbner bases. Reasearch report RR-4738, INRIA http://hal.inria.fr/inria-00071849/PDF/ RR-4738.pdf (2003).
25. Faugère J.C.: FGb: a library for computing Gröbner bases. In: Fukuda K., Hoeven J., Joswig M., Takayama N. (eds.) Mathematical Software - ICMS 2010, Lecture Notes in Computer Science, vol. 6327, pp. 84-87. Springer, Berlin. http://www-salsa.lip6.fr/~jcf/Papers/ICMS.pdf (2010).
26. Faugère J.C., Joux A.: Algebraic cryptanalysis of Hidden Field Equation (HFE) cryptosystems using Gröbner bases. In: Advances in Cryptology - CRYPTO 2003, Lecture Notes in Computer Science, vol. 2729, pp. 44-60. Springer, Berlin (2003).
27. Faugère J.C., Levy-dit-Vehel F., Perret L.: Cryptanalysis of MinRank. In: Advances in Cryptology - CRYPTO 2008, Lecture Notes in Computer Science, vol. 5157, pp. 280-296. Springer, Berlin (2008).
28. Faugère J.C., Safey El Din M., Spaenlehauer P.J.: Computing loci of rank defects of linear matrices using Gröbner bases and applications to cryptology. In: Koepf W. (eds.), ISSAC, pp. 257-264. ACM (2010).
29. Faugère J.C., Safey El Din M., Spaenlehauer P.J.: Gröbner bases of bihomogeneous ideals generated by polynomials of bidegree (1,1): algorithms and complexity. J. Symb. Comput. 1-39 (2010).
30. Faugère J.C., Safey El Din M., Spaenlehauer P.J.: On the complexity of the generalized minrank problem, preprint (2011).
31. Fröberg R.: An inequality for Hilbert series of graded algebras. Math. Scand. 56, 117-144 (1985)
32. Garey M.R., Johnson D.S.: Computers and Intractability: A Guide to the Theory of NP-Completeness. W. H. Freeman, New York (1979)
33. Granboulan L., Joux A., Stern J.: Inverting HFE is quasipolynomial. In: Advances in Cryptology - CRYPTO 2006, Lecture Notes in Computer Science, vol. 4117, pp. 345-356. Springer, Berlin (2006).
34. Jiang X., Ding J., Hu L.: Kipnis-Shamir attack on HFE revisited. In: Information Security and Cryptology, Lecture Notes in Computer Science, vol. 4990, pp. 399-411. Springer, Berlin (2007).
35. Kipnis A., Shamir A.: Cryptanalysis of the HFE public key cryptosystem by relinearization. In: Advances in Cryptology - CRYPTO '99, Lecture Notes in Computer Science, vol. 1666, pp. 19-30. Springer, Berlin (1999).
36. Kipnis A., Patarin J., Goubin L.: Unbalanced oil and vinegar signature schemes. In: Advances in Cryptology - EUROCRYPT '99, Lecture Notes in Computer Science, vol. 1592, pp. 206-222. Springer, Berlin (1999).
37. Matsumoto T., Imai H.: Public quadratic polynomial-tuples for efficient signature-verification and message-encryption. In: Advances in Cryptology - EUROCRYPT '88, Lecture Notes in Computer Science, vol. 330, pp. 419-453. Springer, Berlin (1988).
38. Moh T.T.: A public key system with signature and master key functions. Commun. Algebra 27(5), 2207-2222 (1999)
39. Nguyen P.: New trends in cryptology, european project stork: Strategic roadmap for advances in cryptology - crypto. ist-2002-38273. http://www.di.ens.fr/~pnguyen/pub.html#Ng03 (2003).
40. Patarin J.: Cryptoanalysis of the Matsumoto and Imai public key scheme of Eurocrypt '88. In: Advances in Cryptology - CRYPTO '95, pp. 248-261. Springer, Berlin (1995).
41. Patarin J.: Hidden fields equations (HFE) and isomorphisms of polynomials (IP): two new families of asymmetric algorithms. In: Advances in Cryptology - EUROCRYPT '96, Lecture Notes in Computer Science, vol. 1070, pp. 33-48. Springer, Berlin (1996).
42. Schwartz J.T.: Fast probabilistic algorithms for verification of polynomial identities. J. ACM 27(4), 701-717 (1980)
43. Szegö G.: Orthogonal Polynomials, 4th edn. American Mathematical Society, Providence (1939)
44. Wang L.C., Hu Y.H., Lai F., yen Chou C., Yang B.Y.: Tractable rational map signature. In: Public Key Cryptography - PKC '05, Lecture Notes in Computer Science, vol. 3386, pp. 244-257. Springer, Berlin (2005).
45. Wolf C., Preneel B.: Equivalent keys in HFE, C*, and variations. In: Progress in Cryptology - Mycrypt 2005, Lecture Notes in Computer Science, vol. 3715, pp. 33-49. Springer, Berlin (2005).
46. Wolf C., Preneel B.: Large superfluous keys in multivariate quadratic asymmetric systems. In: Public Key Cryptography - PKC 2005, Lecture Notes in Computer Science, vol. 3386, pp. 275-287. Springer, Berlin (2005).
47. Wolf C., Preneel B.: Equivalent keys in multivariate quadratic public key systems. J. Math. Cryptol. 4(4), 375-415 (2011)
48. Zippel R.: Probabilistic algorithms for sparse polynomials. In: Symbolic and Algebraic Computation (EUROSAM'79), International Symposium, Lecture Notes in Computer Science, vol. 72, pp. 216-226. Springer, Berlin (1979).