Abstract
The Alternating Trilinear Form Equivalence (\(\textsf{ATFE}\)) problem was recently used as a hardness assumption in the design of a digital signature scheme by Tang et al. using the Fiat-Shamir paradigm. It is a hard equivalence problem known to be in the class of equivalence problems that includes, for instance, the Tensor Isomorphism (\(\textsf{TI}\)), Quadratic Maps Linear Equivalence (\(\textsf{QMLE}\)) and the Matrix Code Equivalence (\(\textsf{MCE}\)) problems. Due to the increased cryptographic interest, the understanding of its practical hardness has also increased in the last couple of years. Currently, there are several combinatorial and algebraic algorithms for solving it, the best of which is a graph-theoretic algorithm that also includes an algebraic subroutine.
In this paper, we take a purely algebraic approach to the \(\textsf{ATFE}\) problem, but we use a coding theory perspective to model the problem. This modelling was introduced earlier for the \(\textsf{MCE}\) problem. Using it, we improve the cost of an algebraic attack against \(\textsf{ATFE}\) compared to previously known ones.
Taking into account the algebraic structure of alternating trilinear forms, we show that the obtained system has fewer variables but also fewer equations than for \(\textsf{MCE}\) and gives rise to structural degree-3 syzygies. Under the assumption that, outside of these syzygies, the system behaves semi-regularly, we provide a concrete, non-asymptotic complexity estimate of the performance of our algebraic attack. Our results show that the complexity is below the estimated security levels of the signature scheme of Tang et al. and comparable to the currently best graph-theoretic attack by Beullens.
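As an added illustration (not code from the paper or from the ALTEQ submission), the following Python toy implements the object the abstract is about: an alternating trilinear form over a constructed field GF(7), stored by its coefficients on index triples i < j < k, and the action \(\varphi \mapsto \varphi \circ A\) of \(A \in \mathrm{GL}_n\) whose coefficient-matching equations are cubic in the entries of the unknown \(A\). The function names, the field size and the instance generator are the example's own choices; it shows the direct model only and does not reproduce the paper's coding-theoretic modelling or its reduced variable and equation counts.

```python
import random
from itertools import combinations

Q = 7  # constructed toy field GF(7); real ATFE parameters use a far larger q and n

def det3(m):
    """Determinant of a 3x3 matrix (list of rows), reduced modulo Q."""
    (a, b, c), (d, e, f), (g, h, i) = m
    return (a * (e * i - f * h) - b * (d * i - f * g) + c * (d * h - e * g)) % Q

def matvec(A, x):
    """Matrix-vector product A*x over GF(Q)."""
    return [sum(A[r][c] * x[c] for c in range(len(x))) % Q for r in range(len(A))]

def evaluate(form, x, y, z):
    """phi(x, y, z) for a form stored as {(i, j, k): coeff}, i < j < k (each basis form is a 3x3 minor)."""
    total = 0
    for (i, j, k), coef in form.items():
        total += coef * det3([[x[i], x[j], x[k]], [y[i], y[j], y[k]], [z[i], z[j], z[k]]])
    return total % Q

def act(form, A):
    """Group action phi -> phi o A with (phi o A)(x, y, z) = phi(Ax, Ay, Az). Each new coefficient is a
    sum of 3x3 minors of A, i.e. cubic in the n^2 unknown entries of A: one degree-3 equation per triple."""
    n = len(A)
    new = {}
    for (i, j, k) in combinations(range(n), 3):
        c = 0
        for (a, b, d), coef in form.items():
            c += coef * det3([[A[a][i], A[a][j], A[a][k]],
                              [A[b][i], A[b][j], A[b][k]],
                              [A[d][i], A[d][j], A[d][k]]])
        new[(i, j, k)] = c % Q
    return new

def random_invertible(n, rng):
    """Invertible matrix over GF(Q) built as L*D*U (unitriangular L, U; nonzero diagonal D); demo only, not uniform."""
    L = [[1 if r == c else rng.randrange(Q) if r > c else 0 for c in range(n)] for r in range(n)]
    U = [[1 if r == c else rng.randrange(Q) if r < c else 0 for c in range(n)] for r in range(n)]
    D = [rng.randrange(1, Q) for _ in range(n)]
    LD = [[L[r][c] * D[c] % Q for c in range(n)] for r in range(n)]
    return [[sum(LD[r][k] * U[k][c] for k in range(n)) % Q for c in range(n)] for r in range(n)]

def atfe_instance(n, seed=1):
    """Constructed ATFE instance: public pair (phi, phi o A) and the secret A in GL_n(GF(Q))."""
    rng = random.Random(seed)
    phi = {t: rng.randrange(Q) for t in combinations(range(n), 3)}
    A = random_invertible(n, rng)
    return phi, act(phi, A), A
```

For n = 5 the instance has C(5,3) = 10 coefficients, so the direct model is 10 cubic equations in the 25 entries of A; recovering A from the public pair is the ATFE problem.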
Notes
1. In [BFV13] it was conjectured that this complexity is \(\mathcal {O}(n^9)\), i.e. polynomial. Later, in [Bou11, RST22], this was re-evaluated and it was shown that the conclusion had been based on some false assumptions. Nevertheless, even though there is no proof of the polynomial behaviour of this step, in practice it does finish in expected polynomial time.
References
Alamati, N., De Feo, L., Montgomery, H., Patranabis, S.: Cryptographic group actions and applications. In: Moriai, S., Wang, H. (eds.) ASIACRYPT 2020. LNCS, vol. 12492, pp. 411–439. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-64834-3_14
Bardet, M.: Étude des systèmes algébriques surdéterminés. Applications aux codes correcteurs et à la cryptographie. Ph.D. thesis, Université de Paris VI (2004)
Bardet, M., et al.: Improvements of algebraic attacks for solving the rank decoding and MinRank problems. In: Moriai, S., Wang, H. (eds.) ASIACRYPT 2020. LNCS, vol. 12491, pp. 507–536. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-64837-4_17
Barenghi, A., Biasse, J.-F., Persichetti, E., Santini, P.: LESS-FM: fine-tuning signatures from the code equivalence problem. In: Cheon, J.H., Tillich, J.-P. (eds.) PQCrypto 2021. LNCS, vol. 12841, pp. 23–43. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-81293-5_2
Bosma, W., Cannon, J., Playoust, C.: The Magma algebra system. I. The user language. J. Symbolic Comput. 24(3–4), 235–265 (1997). Computational algebra and number theory (London, 1993)
Bläser, M., et al.: The ALTEQ Signature Scheme: Algorithm Specifications and Supporting Documentation. NIST PQC Submission (2023)
Beullens, W.: Not enough LESS: an improved algorithm for solving code equivalence problems over \(\mathbb{F}_q\). In: Dunkelman, O., Jacobson, Jr., M.J., O'Flynn, C. (eds.) SAC 2020. LNCS, vol. 12804, pp. 387–403. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-81652-0_15
Beullens, W.: Graph-theoretic algorithms for the alternating trilinear form equivalence problem. Cryptology ePrint Archive, Paper 2022/1528 (2022). https://eprint.iacr.org/2022/1528
Bouillaguet, C., Faugère, J.-C., Fouque, P.-A., Perret, L.: Practical cryptanalysis of the identification scheme based on the isomorphism of polynomial with one secret problem. In: Catalano, D., Fazio, N., Gennaro, R., Nicolosi, A. (eds.) PKC 2011. LNCS, vol. 6571, pp. 473–493. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-19379-8_29
Bardet, M., Faugère, J.-C., Salvy, B., Yang, B.-Y.: Asymptotic behaviour of the degree of regularity of semi-regular polynomial systems. In: Proceedings of MEGA 2005, Eighth International Symposium on Effective Methods in Algebraic Geometry (2005)
Bouillaguet, C., Fouque, P.-A., Véber, A.: Graph-theoretic algorithms for the "isomorphism of polynomials" problem. In: Johansson, T., Nguyen, P.Q. (eds.) EUROCRYPT 2013. LNCS, vol. 7881, pp. 211–227. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-38348-9_13
Beullens, W., Katsumata, S., Pintore, F.: Calamari and Falafl: logarithmic (linkable) ring signatures from isogenies and lattices. In: Moriai, S., Wang, H. (eds.) ASIACRYPT 2020. LNCS, vol. 12492, pp. 464–492. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-64834-3_16
Biasse, J.-F., Micheli, G., Persichetti, E., Santini, P.: LESS is more: code-based signatures without syndromes. In: Nitaj, A., Youssef, A. (eds.) AFRICACRYPT 2020. LNCS, vol. 12174, pp. 45–65. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-51938-4_3
Bouillaguet, C.: Algorithms for some hard problems and cryptographic attacks against specific cryptographic primitives. Ph.D. thesis, Université Paris Diderot (2011)
Chou, T., et al.: Take your meds: digital signatures from matrix code equivalence. Cryptology ePrint Archive, Paper 2022/1559 (2022). https://eprint.iacr.org/2022/1559
Coppersmith, D.: Solving homogeneous linear equations over GF(2) via block Wiedemann algorithm. Math. Comput. 62, 333–350 (1994)
Couveignes, J.-M.: Hard homogeneous spaces. Cryptology ePrint Archive, Paper 2006/291 (2006)
De Feo, L., Galbraith, S.D.: SeaSign: compact isogeny signatures from class group actions. In: Ishai, Y., Rijmen, V. (eds.) EUROCRYPT 2019. LNCS, vol. 11478, pp. 759–789. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-17659-4_26
Faugère, J.-C.: A new efficient algorithm for computing Gröbner bases (F4). J. Pure Appl. Algebra 139(1–3), 61–88 (1999)
Faugère, J.-C., Levy-dit-Vehel, F., Perret, L.: Cryptanalysis of MinRank. In: Wagner, D. (ed.) CRYPTO 2008. LNCS, vol. 5157, pp. 280–296. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-85174-5_16
Faugère, J.-C., Perret, L.: Polynomial equivalence problems: algorithmic and theoretical aspects. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 30–47. Springer, Heidelberg (2006). https://doi.org/10.1007/11761679_3
Grochow, J.A., Qiao, Y.: On the complexity of isomorphism problems for tensors, groups, and polynomials I: tensor isomorphism-completeness. In: Lee, J.R. (ed.) 12th Innovations in Theoretical Computer Science Conference (ITCS 2021), volume 185 of Leibniz International Proceedings in Informatics (LIPIcs), pp. 31:1–31:19, Dagstuhl, Germany, 2021. Schloss Dagstuhl-Leibniz-Zentrum für Informatik (2021)
Greub, W.H.: Multilinear Algebra. Grundlehren der mathematischen Wissenschaften. Springer, Heidelberg (2012)
Leon, J.S.: Computing automorphism groups of error-correcting codes. IEEE Trans. Inf. Theory 28(3), 496–510 (1982)
Patarin, J.: Hidden Fields Equations (HFE) and Isomorphisms of Polynomials (IP): two new families of asymmetric algorithms. In: Maurer, U. (ed.) EUROCRYPT 1996. LNCS, vol. 1070, pp. 33–48. Springer, Heidelberg (1996). https://doi.org/10.1007/3-540-68339-9_4
Perret, L.: A fast cryptanalysis of the isomorphism of polynomials with one secret problem. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 354–370. Springer, Heidelberg (2005). https://doi.org/10.1007/11426639_21
Rostovtsev, A., Stolbunov, A.: Public-key cryptosystem based on isogenies. Cryptology ePrint Archive, Paper 2006/145 (2006)
Reijnders, K., Samardjiska, S., Trimoska, M.: Hardness estimates of the code equivalence problem in the rank metric. Cryptology ePrint Archive, Paper 2022/276 (2022)
Tang, G., Duong, D.H., Joux, A., Plantard, T., Qiao, Y., Susilo, W.: Practical post-quantum signature schemes from isomorphism problems of trilinear forms. In: Dunkelman, O., Dziembowski, S. (eds.) EUROCRYPT 2022. LNCS, vol. 13277, pp. 582–612. Springer, Cham (2022). https://doi.org/10.1007/978-3-031-07082-2_21
Acknowledgements
This research is supported by the NWO grant OCNW.M.21.193 (ALPaQCa) and the ERC Starting Grant 805031 (EPOQUE).
© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG
Ran, L., Samardjiska, S., Trimoska, M. (2023). Algebraic Algorithm for the Alternating Trilinear Form Equivalence Problem. In: Esser, A., Santini, P. (eds) Code-Based Cryptography. CBCrypto 2023. Lecture Notes in Computer Science, vol 14311. Springer, Cham. https://doi.org/10.1007/978-3-031-46495-9_5
DOI: https://doi.org/10.1007/978-3-031-46495-9_5
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-46494-2
Online ISBN: 978-3-031-46495-9