Abstract
A new method for solving the algebraic equation systems that commonly arise in cryptanalysis is proposed. Our method differs from others in that the equations are not represented as multivariate polynomials, but as a system of Multiple Right Hand Sides (MRHS) linear equations. The method was tested on scaled-down versions of the AES. The results significantly improve on what was previously achieved with Gröbner basis related algorithms.
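As an added illustration (not code from the paper), the block below builds MRHS equations for a constructed toy cipher, where an MRHS equation means "A x equals one of several listed right-hand sides" over GF(2), and glues them: stacking two equations and discarding the right-hand-side pairs that are linearly inconsistent. The 3-bit S-box, the linear layer L and the two-round structure are assumptions chosen only to keep the example small.

```python
# Added illustration of the Multiple Right Hand Sides (MRHS) representation:
# an MRHS equation is "A x is one of b_1, ..., b_s" over GF(2). Variables are
# bit positions of an int; a row is a bitmask (a linear form over the bits),
# and a right-hand side is an int whose bit i is the value required for row i.
# Toy cipher (constructed, not from the paper): x -> S -> y -> L -> S -> z.
SBOX = [3, 6, 0, 5, 7, 2, 4, 1]          # constructed 3-bit permutation
X, Y, Z = [1 << i for i in range(3)], [1 << i for i in range(3, 6)], [1 << i for i in range(6, 9)]

def gf2_solve(rows, rhs):
    """Gaussian elimination over GF(2): one x with row_i . x = rhs_i, or None."""
    basis = {}                             # pivot bit -> (row, value); pivot = lowest bit
    for i, r in enumerate(rows):
        b = (rhs >> i) & 1
        while r and (r & -r) in basis:     # eliminate using existing pivots
            pr, pb = basis[r & -r]
            r ^= pr
            b ^= pb
        if r:
            basis[r & -r] = (r, b)
        elif b:
            return None                    # reduced to 0 = 1: inconsistent
    x = 0                                  # back-substitute; free variables = 0
    for p in sorted(basis, reverse=True):
        r, b = basis[p]
        if (bin(r & ~p & x).count("1") & 1) != b:
            x |= p
    return x

def sbox_eq(in_rows, out_rows):
    """MRHS equation for out = SBOX(in): 6 rows, 8 right-hand sides (one per input)."""
    return in_rows + out_rows, [u | (SBOX[u] << 3) for u in range(8)]

def glue(eq1, eq2):
    """Stack two MRHS equations; keep only the jointly consistent RHS pairs."""
    rows, k = eq1[0] + eq2[0], len(eq1[0])
    rhs = [a | (b << k) for a in eq1[1] for b in eq2[1]
           if gf2_solve(rows, a | (b << k)) is not None]
    return rows, rhs

def recover_plaintext(z_known):
    """Return all x consistent with the round equations and a known output z."""
    round1 = sbox_eq(X, Y)
    round2 = sbox_eq([Y[0] ^ Y[1], Y[1] ^ Y[2], Y[2]], Z)   # L(y) feeds the 2nd S-box
    output = (Z, [z_known])                                 # z fixed: a single RHS
    rows, rhs = glue(glue(round1, round2), output)
    return sorted({gf2_solve(rows, b) & 7 for b in rhs})

if __name__ == "__main__":
    print(recover_plaintext(5))            # prints [5]
```

Gluing the two round equations leaves 8 of the 64 right-hand-side pairs, and gluing in the known output leaves exactly one, from which x is read off by one GF(2) solve.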
Cite this article
Raddum, H., Semaev, I. Solving Multiple Right Hand Sides linear equations. Des. Codes Cryptogr. 49, 147–160 (2008). https://doi.org/10.1007/s10623-008-9180-z