Rank Analysis of Cubic Multivariate Cryptosystems

In this work we analyze the security of cubic cryptographic constructions with respect to rank weakness. We detail how to extend the big field idea from quadratic to cubic, and show that the same rank defect occurs. We extend the min-rank problem and propose an algorithm to solve it in this setting. We show that for fixed small rank, the complexity is even lower than for the quadratic case. However, the rank of a cubic polynomial in n variables can be larger than n, and in this case the algorithm is very inefficient. We show that the rank of the differential is not necessarily smaller, rendering this line of attack useless if the rank is large enough. Similarly, the algebraic attack is exponential in the rank, thus useless for high rank.
