Practical Cryptanalysis of SFLASH

In this paper, we present a practical attack on the signature scheme SFLASH proposed by Patarin, Goubin and Courtois in 2001 following a design they had introduced in 1998. The attack only needs the public key and requires about one second to forge a signature for any message, after a one-time computation of several minutes. It can be applied to both SFLASHv2 which was accepted by NESSIE, as well as to SFLASHv3 which is a higher security version.

[1]  Adi Shamir,et al.  Efficient Signature Schemes Based on Birational Permutations , 1993, CRYPTO.

[2]  Antoine Joux,et al.  Algebraic Cryptanalysis of Hidden Field Equation (HFE) Cryptosystems Using Gröbner Bases , 2003, CRYPTO.

[3]  Taher ElGamal,et al.  A public key cyryptosystem and signature scheme based on discrete logarithms , 1985 .

[4]  Jacques Patarin,et al.  Hidden Field Equations (HFE) and Isomorphisms of Polynomials (IP): two new Families of Asymmetric Algorithms - Extended Version - , 1996 .

[5]  Jacques Stern,et al.  Differential Cryptanalysis for Multivariate Schemes , 2005, EUROCRYPT.

[6]  David S. Johnson,et al.  Computers and Intractability: A Guide to the Theory of NP-Completeness , 1978 .

[7]  Louis Goubin,et al.  C*-+ and HM: Variations Around Two Schemes of T. Matsumoto and H. Imai , 1998, ASIACRYPT.

[8]  T. Elgamal A public key cryptosystem and a signature scheme based on discrete logarithms , 1984, CRYPTO 1984.

[9]  Marine Minier,et al.  Cryptanalysis of SFLASH , 2002, EUROCRYPT.

[10]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[11]  Jacques Patarin,et al.  Cryptanalysis of the Matsumoto and Imai Public Key Scheme of Eurocrypt'88 , 1995, CRYPTO.

[12]  Hideki Imai,et al.  Public Quadratic Polynominal-Tuples for Efficient Signature-Verification and Message-Encryption , 1988, EUROCRYPT.

[13]  Louis Goubin,et al.  FLASH, a Fast Multivariate Signature Algorithm , 2001, CT-RSA.

[14]  Jacques Stern,et al.  Cryptanalysis of SFLASH with Slightly Modified Parameters , 2007, EUROCRYPT.