Skip to main content
Springer Nature Link
Log in

Cryptanalysis of the Hidden Matrix Cryptosystem

  • Conference paper
Progress in Cryptology – LATINCRYPT 2010 (LATINCRYPT 2010)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 6212))

Abstract

In this paper, we present an efficient cryptanalysis of the so-called HM cryptosystem which was published at Asiacrypt’1999, and one perturbed version of HM. Until now, this scheme was exempt from cryptanalysis. We first present a distinguisher which uses a differential property of the public key. This distinguisher permits to break one perturbed version of HM. After that, we describe a practical message-recovery attack against HM using Gröbner bases. The attack can be mounted in few hundreds seconds for recommended parameters. It turns out that algebraic systems arising in HM are easier to solve than random systems of the same size. Note that this fact provides another distinguisher for HM. Interestingly enough, we offer an explanation why algebraic systems arising in HM are easy to solve in practice. Briefly, this is due to the apparition of many new linear and quadratic equations during the Gröbner basis computation. More precisely, we provide an upper bound on the maximum degree reached during the Gröbner basis computation (a.k.a. the degree of regularity) of HM systems. For \({\mathbb F}_{2}\), which is the initial and usual setting of HM, the degree of regularity is upper-bounded by 3. In general, this degree of regularity is upper-bounded by 4. These bounds allow a polynomial-time solving of the system given by the public equations in any case. All in all, we consider that the HM scheme is broken for all practical parameters.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Bardet, M.: Étude des systèmes algébriques surdéterminés. Applications aux codes correcteurs et à la cryptographie. PhD thesis, Université de Paris VI (2004)

    Google Scholar 

  2. Bardet, M., Faugère, J.-C., Salvy, B.: Complexity study of Gröbner basis computation. Technical report, INRIA (2002), http://www.inria.fr/rrrt/rr-5049.html

  3. Bardet, M., Faugère, J.-C., Salvy, B.: On the complexity of Gröbner basis computation of semi-regular overdetermined algebraic equations. In: Proc. International Conference on Polynomial System Solving (ICPSS), pp. 71–75 (2004)

    Google Scholar 

  4. Bardet, M., Faugère, J.-C., Salvy, B., Yang, B.-Y.: Asymptotic behaviour of the degree of regularity of semi-regular polynomial systems. In: Proc. of MEGA 2005, Eighth International Symposium on Effective Methods in Algebraic Geometry (2005)

    Google Scholar 

  5. Bogdanov, A., Eisenbarth, T., Rupp, A., Wolf, C.: Time-area optimized public-key engines: \(\mathcal{MQ}\)-cryptosystems as replacement for elliptic curves? In: Oswald, E., Rohatgi, P. (eds.) CHES 2008. LNCS, vol. 5154, pp. 45–61. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  6. Ding, J.: A new variant of the matsumoto-imai cryptosystem through perturbation. In: Bao, F., Deng, R. H., Zhou, J. (eds.) PKC 2004. LNCS, vol. 2947, pp. 305–318. Springer, Heidelberg (2004)

    Google Scholar 

  7. Dubois, V., Fouque, P.-A., Shamir, A., Stern, J.: Practical cryptanalysis of sflash. In: Menezes, A. (ed.) CRYPTO 2007. LNCS, vol. 4622, pp. 1–12. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  8. Faugère, J.-C.: A new efficient algorithm for computing Gröbner bases without reduction to zero (F5). In: Mora, T. (ed.) Proceedings of the 2002 International Symposium on Symbolic and Algebraic Computation ISSAC, July 2002, pp. 75–83. ACM Press, New York (2002) ISBN: 1-58113-484-3

    Chapter  Google Scholar 

  9. Faugère, J.-C., Joux, A.: Algebraic cryptanalysis of Hidden Field Equation (HFE) cryptosystems using Gröbner bases. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 44–60. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  10. Fouque, P.-A., Granboulan, L., Stern, J.: Differential cryptanalysis for multivariate schemes. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 341–353. Springer, Heidelberg (2005)

    Google Scholar 

  11. Granboulan, L., Joux, A., Stern, J.: Inverting HFE is quasipolynomial. In: Dwork, C. (ed.) CRYPTO 2006. LNCS, vol. 4117, pp. 345–356. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  12. Imai, H., Matsumoto, T.: Algebraic Methods for Constructing Asymmetric Cryptosystems. In: Calmet, J. (ed.) AAECC 1985. LNCS, vol. 229, pp. 108–119. Springer, Heidelberg (1986)

    Google Scholar 

  13. Kipnis, A., Shamir, A.: Cryptanalysis of the oil and vinegar signature scheme. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 257–266. Springer, Heidelberg (1998)

    Google Scholar 

  14. Koblitz, N.: Algebraic Aspects of Cryptography. Algorithms and Computation in Mathematics, vol. 3. Springer, Heidelberg (1998)

    MATH  Google Scholar 

  15. Liddl, R., Niederreiter, H.: Introduction to Finite Fields. Longman Higher Education (1983)

    Google Scholar 

  16. Matsumoto, T., Imai, H.: Public quadratic polynomial-tuples for efficient signature-verification and message-encryption. In: Günther, C.G. (ed.) EUROCRYPT 1988. LNCS, vol. 330, pp. 419–453. Springer, Heidelberg (1988)

    Google Scholar 

  17. Patarin, J.: Cryptanalysis of the matsumoto and imai public key scheme of eurocrypt’88. In: Coppersmith, D. (ed.) CRYPTO 1995. LNCS, vol. 963, pp. 248–261. Springer, Heidelberg (1995)

    Google Scholar 

  18. Patarin, J.: Hidden Fields Equations (HFE) and Isomorphisms of Polynomials (IP): two new families of asymmetric algorithms. In: Maurer, U.M. (ed.) EUROCRYPT 1996. LNCS, vol. 1070, pp. 33–48. Springer, Heidelberg (1996)

    Google Scholar 

  19. Patarin, J.: The Oil and Vinegar signature scheme. Presented at the Dagstuhl Workshop on Cryptography (1997)

    Google Scholar 

  20. Patarin, J., Courtois, N., Goubin, L.: \({C}_{-+}^*\) and HM: Variations on Two Schemes of T.Matsumoto and H.Imai. In: Ohta, K., Pei, D. (eds.) ASIACRYPT 1998. LNCS, vol. 1514, pp. 35–50. Springer, Heidelberg (1998)

    Chapter  Google Scholar 

  21. Patarin, J., Courtois, N., Goubin, L.: \({C}_{-+}^*\) and HM: Variations on Two Schemes of T.Matsumoto and H.Imai, Extended Version. Available From the Authors (1998)

    Google Scholar 

  22. Patarin, J., Courtois, N., Goubin, L.: Quartz, 128-bit long digital signatures. In: Naccache, D. (ed.) CT-RSA 2001. LNCS, vol. 2020, pp. 282–297. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  23. Patarin, J., Goubin, L., Courtois, N.: C* − + and hm: Variations around two schemes of t.matsumoto and h.imai. In: Ohta, K., Pei, D. (eds.) ASIACRYPT 1998. LNCS, vol. 1514, pp. 35–49. Springer, Heidelberg (1998)

    Chapter  Google Scholar 

  24. Wolf, C., Preneel, B.: Taxonomy of Public Key Schemes based on the problem of Multivariate Quadratic equations. Cryptology ePrint Archive, Report 2005/077 (2005), http://eprint.iacr.org/

  25. Wu, Z., Ding, J., Gower, J.E., Ye, D.: Perturbed hidden matrix cryptosystems. In: Gervasi, O., Gavrilova, M.L., Kumar, V., Laganá, A., Lee, H.P., Mun, Y., Taniar, D., Tan, C.J.K. (eds.) ICCSA 2005. LNCS, vol. 3481, pp. 595–602. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. SALSA Project UPMC, Univ Paris 06, LIP6, CNRS, UMR 7606, LIP6, INRIA, Centre Paris-Rocquencourt, 104, avenue du Président Kennedy, 75016, Paris, France

    Jean-Charles Faugère & Ludovic Perret

  2. Université Versailles-Saint Quentin,  

    Antoine Joux & Joana Treger

  3. DGA,  

    Antoine Joux

Authors
  1. Jean-Charles Faugère
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Antoine Joux
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Ludovic Perret
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Joana Treger
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Computer Science Department, École Normale Supérieure, 45 Rue d’Ulm, 75230, Paris Cedex 05, France

    Michel Abdalla

  2. Computer Architecture and Networking Laboratory (LARC), Universidade de Sáo Paulo, Av. Prof. Luciano Gualberto, trav.3, n.158, 05508-900, Sáo Paulo (SP), Brazil

    Paulo S. L. M. Barreto

Rights and permissions

Reprints and permissions

Copyright information

© 2010 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Faugère, JC., Joux, A., Perret, L., Treger, J. (2010). Cryptanalysis of the Hidden Matrix Cryptosystem. In: Abdalla, M., Barreto, P.S.L.M. (eds) Progress in Cryptology – LATINCRYPT 2010. LATINCRYPT 2010. Lecture Notes in Computer Science, vol 6212. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-14712-8_15

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-14712-8_15

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-14711-1

  • Online ISBN: 978-3-642-14712-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics