Abstract
This paper summarizes most of the main developments in the cryptanalysis of multivariate cryptosystems and discusses some problems that remain open. A strong emphasis is put on the symbolic computation tools that have been used to achieve these advances.
Copyright information
© 2009 Springer-Verlag Berlin Heidelberg
Cite this chapter
Billet, O., Ding, J. (2009). Overview of Cryptanalysis Techniques in Multivariate Public Key Cryptography. In: Sala, M., Sakata, S., Mora, T., Traverso, C., Perret, L. (eds) Gröbner Bases, Coding, and Cryptography. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-93806-4_15
DOI: https://doi.org/10.1007/978-3-540-93806-4_15
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-93805-7
Online ISBN: 978-3-540-93806-4
eBook Packages: Mathematics and Statistics (R0)