Superfluous Keys in Multivariate Quadratic Asymmetric Systems

In this article, we show that public key schemes based on multivariate quadratic equations allow many equivalent, and hence superfluous private keys. We achieve this result by investigating several transformations to identify these keys and show their application to Hidden Field Equations (HFE), C*, and Unbalanced Oil and Vinegar schemes (UOV). In all cases, we are able to reduce the size of the private, and hence the public, key space by at least one order of magnitude. We see applications of our technique both in cryptanalysis of these schemes and in memory efficient implementations.
