Skip to main content
SpringerLink
Log in

An Updated Security Analysis of PFLASH

  • Conference paper
  • First Online:
Book cover Post-Quantum Cryptography (PQCrypto 2017)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 10346))

Included in the following conference series:

Abstract

One application in post-quantum cryptography that appears especially difficult is security for low-power or no-power devices. One of the early champions in this arena was SFLASH, which was recommended by NESSIE for implementation in smart cards due to its extreme speed, low power requirements, and the ease of resistance to side-channel attacks. This heroship swiftly ended with the attack on SFLASH by Dubois et al. in 2007. Shortly thereafter, an old suggestion re-emerged: fixing the values of some of the input variables. The resulting scheme known as PFLASH is nearly as fast as the original SFLASH and retains many of its desirable properties but without the differential weakness, at least for some parameters.

PFLASH can naturally be considered a form of high degree HFE\(^-\) scheme, and as such, is subject to any attack exploiting the low rank of the central map in HFE\(^-\). Recently, a new attack has been presented that affects HFE\(^-\) for many practical parameters. This development invites the investigation of the security of PFLASH against these techniques.

In this vein, we expand and update the security analysis of PFLASH by proving that the entropy of the key space is not greatly reduced by choosing parameters that are provably secure against differential adversaries. We further compute the complexity of the new HFE\(^-\) attack on instances of PFLASH and conclude that PFLASH is secure against this avenue of attack as well. Thus PFLASH remains a secure and attractive option for implementation in low power environments.

The rights of this work are transferred to the extent transferable according to title 17 §105 U.S.C.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Cryptographic Technology Group: Submission requirements and evaluation criteria for the post-quantum cryptography standardization process. NIST CSRC (2016). http://csrc.nist.gov/groups/ST/post-quantum-crypto/documents/call-for-proposals-final-dec-2016.pdf

  2. Shor, P.W.: Polynomial-time algorithms for prime factorization and discrete logarithms on a quantum computer. SIAM J. Sci. Stat. Comp. 26, 1484 (1997)

    Article  MathSciNet  MATH  Google Scholar 

  3. Matsumoto, T., Imai, H.: Public quadratic polynomial-tuples for efficient signature-verification and message-encryption. In: Barstow, D., et al. (eds.) EUROCRYPT 1988. LNCS, vol. 330, pp. 419–453. Springer, Heidelberg (1988). doi:10.1007/3-540-45961-8_39

    Chapter  Google Scholar 

  4. Patarin, J.: Cryptanalysis of the matsumoto and imai public key scheme of Eurocrypt’88. In: Coppersmith, D. (ed.) CRYPTO 1995. LNCS, vol. 963, pp. 248–261. Springer, Heidelberg (1995). doi:10.1007/3-540-44750-4_20

    Chapter  Google Scholar 

  5. Patarin, J.: Hidden fields equations (HFE) and isomorphisms of polynomials (IP): two new families of asymmetric algorithms. In: Maurer, U. (ed.) EUROCRYPT 1996. LNCS, vol. 1070, pp. 33–48. Springer, Heidelberg (1996). doi:10.1007/3-540-68339-9_4

    Chapter  Google Scholar 

  6. Patarin, J., Courtois, N., Goubin, L.: FLASH, a fast multivariate signature algorithm. In: Naccache, D. (ed.) CT-RSA 2001. LNCS, vol. 2020, pp. 298–307. Springer, Heidelberg (2001). doi:10.1007/3-540-45353-9_22

    Chapter  Google Scholar 

  7. Dubois, V., Fouque, P.-A., Shamir, A., Stern, J.: Practical cryptanalysis of SFLASH. In: Menezes, A. (ed.) CRYPTO 2007. LNCS, vol. 4622, pp. 1–12. Springer, Heidelberg (2007). doi:10.1007/978-3-540-74143-5_1

    Chapter  Google Scholar 

  8. Ding, J., Dubois, V., Yang, B.-Y., Chen, O.C.-H., Cheng, C.-M.: Could SFLASH be repaired? In: Aceto, L., Damgård, I., Goldberg, L.A., Halldórsson, M.M., Ingólfsdóttir, A., Walukiewicz, I. (eds.) ICALP 2008. LNCS, vol. 5126, pp. 691–701. Springer, Heidelberg (2008). doi:10.1007/978-3-540-70583-3_56

    Chapter  Google Scholar 

  9. Smith-Tone, D.: On the differential security of multivariate public key cryptosystems. In: Yang, B.-Y. (ed.) PQCrypto 2011. LNCS, vol. 7071, pp. 130–142. Springer, Heidelberg (2011). doi:10.1007/978-3-642-25405-5_9

    Chapter  Google Scholar 

  10. Chen, M.S., Yang, B.Y., Smith-Tone, D.: PFLASH - secure asymmetric signatures on smart cards. In: Lightweight Cryptography Workshop (2015). http://csrc.nist.gov/groups/ST/lwc-workshop.2015/papers/session3-smith-tone-paper.pdf

  11. Moody, D., Perlner, R.A., Smith-Tone, D.: An asymptotically optimal structural attack on the ABC multivariate encryption scheme. In: [25] pp. 180–196 (2014)

    Google Scholar 

  12. Moody, D., Perlner, R.A., Smith-Tone, D.: Key recovery attack on the cubic ABC simple matrix multivariate encryption scheme. In: Lange, T., Takagi, T. (eds.) PQCrypto 2017. LNCS, vol. 10346, pp. 241–254. Springer, Cham (2017)

    Google Scholar 

  13. Kipnis, A., Shamir, A.: Cryptanalysis of the HFE public key cryptosystem by relinearization. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 19–30. Springer, Heidelberg (1999). doi:10.1007/3-540-48405-1_2

    Chapter  Google Scholar 

  14. Bettale, L., Faugère, J., Perret, L.: Cryptanalysis of HFE, multi-HFE and variants for odd and even characteristic. Des. Codes Crypt. 69, 1–52 (2013)

    Article  MathSciNet  MATH  Google Scholar 

  15. Patarin, J., Goubin, L., Courtois, N.: \(C_{-+}^{*}\) and HM: variations around two schemes of T. Matsumoto and H. Imai. In: Ohta, K., Pei, D. (eds.) ASIACRYPT 1998. LNCS, vol. 1514, pp. 35–50. Springer, Heidelberg (1998). doi:10.1007/3-540-49649-1_4

    Chapter  Google Scholar 

  16. Patarin, J., Goubin, L., Courtois, N.: Improved algorithms for isomorphisms of polynomials. In: Nyberg, K. (ed.) EUROCRYPT 1998. LNCS, vol. 1403, pp. 184–200. Springer, Heidelberg (1998). doi:10.1007/BFb0054126

    Chapter  Google Scholar 

  17. Berlekamp, E.R.: Factoring polynomials over large finite fields. Math. Comput. 24, 713–735 (1970)

    Article  MathSciNet  MATH  Google Scholar 

  18. Ding, J., Hu, L., Nie, X., Li, J., Wagner, J.: High order linearization equation (HOLE) attack on multivariate public key cryptosystems. In: Okamoto, T., Wang, X. (eds.) PKC 2007. LNCS, vol. 4450, pp. 233–248. Springer, Heidelberg (2007). doi:10.1007/978-3-540-71677-8_16

    Chapter  Google Scholar 

  19. Daniels, T., Smith-Tone, D.: Differential properties of the HFE cryptosystem. In: [25], pp. 59–75 (2014)

    Google Scholar 

  20. Cartor, R., Gipson, R., Smith-Tone, D., Vates, J.: On the differential security of the HFEv- signature primitive. In: Takagi, T. (ed.) PQCrypto 2016. LNCS, vol. 9606, pp. 162–181. Springer, Cham (2016). doi:10.1007/978-3-319-29360-8_11

    Chapter  Google Scholar 

  21. Smith-Tone, D.: Properties of the discrete differential with cryptographic applications. In: Sendrier, N. (ed.) PQCrypto 2010. LNCS, vol. 6061, pp. 1–12. Springer, Heidelberg (2010). doi:10.1007/978-3-642-12929-2_1

    Chapter  Google Scholar 

  22. Vates, J., Smith-Tone, D.: Key recovery attack for all parameters of HFE-. In: Lange, T., Takagi, T. (eds.) PQCrypto 2017. LNCS, vol. 10346, pp. 272–288. Springer, Cham (2017)

    Google Scholar 

  23. Billet, O., Macario-Rat, G.: Cryptanalysis of the square cryptosystems. In: Matsui, M. (ed.) ASIACRYPT 2009. LNCS, vol. 5912, pp. 451–468. Springer, Heidelberg (2009). doi:10.1007/978-3-642-10366-7_27

    Chapter  Google Scholar 

  24. Ding, J., Kleinjung, T.: Degree of regularity for HFE-. IACR Cryptology ePrint Archive 2011, p. 570 (2011)

    Google Scholar 

  25. Mosca, M. (ed.): PQCrypto 2014. LNCS, vol. 8772. Springer, Cham (2014)

    MATH  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Mathematics, University of Louisville, Louisville, KY, USA

    Ryann Cartor & Daniel Smith-Tone

  2. National Institute of Standards and Technology, Gaithersburg, MD, USA

    Daniel Smith-Tone

Authors
  1. Ryann Cartor
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Daniel Smith-Tone
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Daniel Smith-Tone .

Editor information

Editors and Affiliations

  1. Technische Universiteit Eindhoven, Eindhoven, The Netherlands

    Tanja Lange

  2. Kyushu University , Fukuoka, Japan

    Tsuyoshi Takagi

Rights and permissions

Reprints and permissions

Copyright information

© 2017 Springer International Publishing AG (outside the US)

About this paper

Cite this paper

Cartor, R., Smith-Tone, D. (2017). An Updated Security Analysis of PFLASH. In: Lange, T., Takagi, T. (eds) Post-Quantum Cryptography . PQCrypto 2017. Lecture Notes in Computer Science(), vol 10346. Springer, Cham. https://doi.org/10.1007/978-3-319-59879-6_14

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-59879-6_14

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-59878-9

  • Online ISBN: 978-3-319-59879-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation