Hidden Field Equations (HFE) and Isomorphisms of Polynomials (IP): two new Families of Asymmetric Algorithms - Extended Version -

In [11] T. Matsumoto and H. Imai described a new asymmetric algorithm based on multivariate polynomials of degree two over a finite field. Then in [14] this algorithm was broken. The aim of this paper is to show that despite this result it is probably possible to use multivariate polynomials of degree two in carefully designed algorithms for asymmetric cryptography. In this paper we will give some examples of such schemes. All the examples that we will give belong to two large families of schemes: HFE and IP. With HFE we will be able to do encryption, signatures or authentication in an asymmetric way. Moreover HFE (with properly chosen parameters) resists all known attacks and can be used to give very short asymmetric signatures or very short encrypted messages (of length 128 bits or 64 bits for example). IP can be used for asymmetric authentications or signatures. IP authentications are zero knowledge.

Note 1: Another title for this paper could be "How to repair the Matsumoto-Imai algorithm with the same kind of public polynomials".

Note 2: This paper is the extended version of the paper with the same title published at Eurocrypt'96.
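The following toy is an added illustration, not code from the paper, of the HFE idea named in the title: a hidden univariate polynomial over GF(2^n) whose exponents have the form 2^i + 2^j, composed with two secret affine bijections, yields n public polynomials of degree two over GF(2). It assumes n = 4, a constructed hidden polynomial F and constructed affine maps S, T (all far too small to be secure); the private inversion is done by exhaustion over the 16 field elements in place of the univariate root finding a real implementation would use.

```python
N, MOD = 4, 0b10011  # GF(2^4) = GF(2)[X]/(X^4 + X + 1); field elements are the ints 0..15
def gf_mul(a, b):
    """Carry-less multiplication of two field elements, reduced modulo MOD."""
    r = 0
    while b:
        r ^= a if b & 1 else 0
        b, a = b >> 1, a << 1
        a ^= MOD if a >> N else 0
    return r

def hfe_eval(f, x):
    """f = (quad, lin, c) is sum a_ij X^(2^i+2^j) + sum b_i X^(2^i) + c over GF(2^N): the HFE shape."""
    quad, lin, c = f
    frob = [x]  # frob[i] = x^(2^i); each is GF(2)-linear in the bits of x (Frobenius)
    for _ in range(N - 1):
        frob.append(gf_mul(frob[-1], frob[-1]))
    for (i, j), a in quad.items():  # product of two linear maps: quadratic in the bits
        c ^= gf_mul(a, gf_mul(frob[i], frob[j]))
    for i, b in lin.items():
        c ^= gf_mul(b, frob[i])
    return c

def apply_affine(rows, t, v):
    """Affine map of GF(2)^N: bit r of the output is <rows[r], v> xor bit r of t."""
    return t ^ sum((bin(row & v).count("1") & 1) << r for r, row in enumerate(rows))
def public_key(f, S, T):
    """Truth table of P = T o f o S; its N coordinate functions are what gets published."""
    return [apply_affine(*T, hfe_eval(f, apply_affine(*S, v))) for v in range(1 << N)]
def anf(table):
    """Moebius transform: the monomials (as variable bit masks) of a Boolean function."""
    coef = list(table)
    for bit in range(N):
        for m in range(1 << N):
            coef[m] ^= coef[m ^ (1 << bit)] if m >> bit & 1 else 0
    return {m for m in range(1 << N) if coef[m]}

def public_degree(table):
    """Highest monomial degree over the N public polynomials; the HFE shape makes it 2."""
    return max(bin(m).count("1") for k in range(N) for m in anf([(y >> k) & 1 for y in table]))

def decrypt(f, S, T, y):
    """Private side: undo T, solve the univariate f(X) = z in GF(2^N) (toy: by exhaustion), undo S."""
    z = next(v for v in range(1 << N) if apply_affine(*T, v) == y)
    inv_s = {apply_affine(*S, v): v for v in range(1 << N)}
    return sorted(inv_s[x] for x in range(1 << N) if hfe_eval(f, x) == z)

# Constructed toy secret key: hidden polynomial F and two invertible affine maps S, T
F = ({(0, 1): 3, (0, 2): 9, (1, 2): 5}, {0: 7, 1: 2}, 6)
S, T = ([0b1000, 0b1100, 0b0110, 0b0011], 0b0101), ([0b0001, 0b0011, 0b0111, 0b1111], 0b1010)
PK = public_key(F, S, T)  # the 16-entry truth table of the 4 public quadratic polynomials
```

Running `public_degree(PK)` on the published table confirms every public polynomial has degree exactly two, while `decrypt` recovers each plaintext among the roots of the hidden polynomial.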

[1] Joachim von zur Gathen et al. Computing Frobenius maps and factoring polynomials, 2005, Computational Complexity.

[2] Paul C. van Oorschot et al. A geometric approach to root finding in GF(q^m), 1989, IEEE Trans. Inf. Theory.

[3] Gilles Brassard et al. A note on the complexity of cryptography (Corresp.), 1979, IEEE Trans. Inf. Theory.

[4] Alfred Menezes et al. Some Computational Aspects of Root Finding in GF(q^m), 1988, ISSAC.

[5] Hideki Imai et al. Public Quadratic Polynomial-Tuples for Efficient Signature-Verification and Message-Encryption, 1988, EUROCRYPT.

[6] Louis Goubin et al. Improved Algorithms for Isomorphisms of Polynomials, 1998, EUROCRYPT.

[7] David S. Johnson et al. Computers and Intractability: A Guide to the Theory of NP-Completeness, 1978.

[8] Don Coppersmith et al. Matrix multiplication via arithmetic progressions, 1987, STOC.

[9] Gary L. Mullen et al. Finite fields, coding theory, and advances in communications and computing, 1993.

[10] E. Brickell et al. Cryptanalysis: a survey of recent results, 1988, Proc. IEEE.

[11] Jacques Patarin et al. Asymmetric Cryptography with a Hidden Monomial, 1996, CRYPTO.

[12] Matthew K. Franklin et al. Low-Exponent RSA with Related Messages, 1996, EUROCRYPT.

[13] Jacques Stern et al. A New Identification Scheme Based on Syndrome Decoding, 1993, CRYPTO.

[14] Jacques Patarin et al. Cryptanalysis of the Matsumoto and Imai Public Key Scheme of Eurocrypt'88, 1995, CRYPTO.