Roots of Square: Cryptanalysis of Double-Layer Square and Square+

Square is a multivariate quadratic encryption scheme proposed in 2009. It is a specialization of Hidden Field Equations by using only odd characteristic fields and also X2 as its central map. In addition, it uses embedding to reduce the number of variables in the public key. However, the system was broken at Asiacrypt 2009 using a differential attack. At PQCrypto 2010 Clough and Ding proposed two new variants named Double-Layer Square and Square+. We show how to break Double-Layer Square using a refined MinRank attack in 245 field operations. A similar fate awaits Square+ as it will be broken in 232 field operations using a mixed MinRank attack over both the extension and the ground field. Both attacks recover the private key, given access to the public key. We also outline how possible variants such as Square--- or multi-Square can be attacked.

[1]  Olivier Billet,et al.  Cryptanalysis of the Square Cryptosystems , 2009, ASIACRYPT.

[2]  Jintai Ding,et al.  Secure Variants of the Square Encryption Scheme , 2010, PQCrypto.

[3]  Bart Preneel,et al.  On the security of stepwise triangular systems , 2006, Des. Codes Cryptogr..

[4]  Ludovic Perret,et al.  Cryptanalysis of MinRank , 2008, CRYPTO.

[5]  Bo-Yin Yang,et al.  Square, a New Multivariate Encryption Scheme , 2009, CT-RSA.

[6]  Crystal Clough Square: A New Family of Multivariate Encryption Schemes , 2009 .

[7]  Hideki Imai,et al.  Algebraic Methods for Constructing Asymmetric Cryptosystems , 1985, AAECC.

[8]  Olivier Billet,et al.  Cryptanalysis of Rainbow , 2006, SCN.

[9]  Jan Camenisch,et al.  Security in Communication Networks - SCN 2004 , 2004 .

[10]  Jeffrey Shallit,et al.  The Computational Complexity of Some Problems of Linear Algebra , 1996, J. Comput. Syst. Sci..

[11]  Luk Bettale,et al.  Cryptanalysis of Multivariate and Odd-Characteristic HFE Variants , 2011, Public Key Cryptography.

[12]  Bart Preneel,et al.  Equivalent keys in ℳultivariate uadratic public key systems , 2005, J. Math. Cryptol..

[13]  Louis Goubin,et al.  Cryptanalysis of the TTM Cryptosystem , 2000, ASIACRYPT.

[14]  Jintai Ding,et al.  Rainbow, a New Multivariable Polynomial Signature Scheme , 2005, ACNS.

[15]  Bart Preneel,et al.  Efficient Cryptanalysis of RSE(2)PKC and RSSE(2)PKC , 2004, SCN.

[16]  Louis Goubin,et al.  A Fast and Secure Implementation of Sflash , 2003, Public Key Cryptography.

[17]  Hideki Imai,et al.  A cryptographically useful theorem on the connection between uni and multivariate polynomials , 1985 .

[18]  Bo-Yin Yang,et al.  Odd-Char Multivariate Hidden Field Equations , 2008, IACR Cryptol. ePrint Arch..

[19]  Jacques Patarin,et al.  Hidden Fields Equations (HFE) and Isomorphisms of Polynomials (IP): Two New Families of Asymmetric Algorithms , 1996, EUROCRYPT.

[20]  Adi Shamir,et al.  Cryptanalysis of the HFE Public Key Cryptosystem by Relinearization , 1999, CRYPTO.

[21]  A. Shamir,et al.  Cryptanalysis of the HFE Public Key Cryptosystem , 1999 .