Algebraic Cryptanalysis of Hidden Field Equation (HFE) Cryptosystems Using Gröbner Bases

In this paper, we review and explain the existing algebraic cryptanalysis of multivariate cryptosystems from the hidden field equation (HFE) family. These cryptanalysis break cryptosystems in the HFE family by solving multivariate systems of equations. In this paper we present a new and efficient attack of this cryptosystem based on fast algorithms for computing Grobner basis. In particular it was was possible to break the first HFE challenge (80 bits) in only two days of CPU time by using the new algorithm F5 implemented in C.

[1]  J. Faugère,et al.  On the complexity of Gröbner basis computation of semi-regular overdetermined algebraic equations , 2004 .

[2]  Jean Charles Faugère,et al.  A new efficient algorithm for computing Gröbner bases without reduction to zero (F5) , 2002, ISSAC '02.

[3]  Adi Shamir,et al.  Efficient Algorithms for Solving Overdefined Systems of Multivariate Polynomial Equations , 2000, EUROCRYPT.

[4]  Ariel Shamir,et al.  Cryptanalysis of the oil and vinegar signature scheme , 1998 .

[5]  J. Faugère A new efficient algorithm for computing Gröbner bases (F4) , 1999 .

[6]  Jacques Patarin,et al.  Cryptanalysis of the Matsumoto and Imai Public Key Scheme of Eurocrypt'88 , 1995, CRYPTO.

[7]  Peter L. Montgomery,et al.  A Block Lanczos Algorithm for Finding Dependencies Over GF(2) , 1995, EUROCRYPT.

[8]  Heinz Kredel,et al.  Gröbner Bases: A Computational Approach to Commutative Algebra , 1993 .

[9]  Bruno Buchberger,et al.  A criterion for detecting unnecessary reductions in the construction of Groebner bases , 1979, EUROSAM.

[10]  Jean-Charles Faugère,et al.  Complexity of Gröbner basis computation for Semi-regular Overdetermined sequences over F_2 with solutions in F_2 , 2002 .

[11]  A. Shamir,et al.  Cryptanalysis of the HFE Public Key Cryptosystem , 1999 .

[12]  Jean-Charles Faugère Algebraic cryptanalysis of HFE using Gröbner bases , 2002 .

[13]  Nicolas Courtois,et al.  The Security of Hidden Field Equations (HFE) , 2001, CT-RSA.

[14]  Daniel Lazard,et al.  Gröbner-Bases, Gaussian elimination and resolution of systems of algebraic equations , 1983, EUROCAL.

[15]  Adi Shamir,et al.  Cryptanalysis of the Oil & Vinegar Signature Scheme , 1998, CRYPTO.

[16]  Marine Minier,et al.  Cryptanalysis of SFLASH , 2002, EUROCRYPT.

[17]  Hideki Imai,et al.  Public Quadratic Polynominal-Tuples for Efficient Signature-Verification and Message-Encryption , 1988, EUROCRYPT.

[18]  D. Kirby THE ALGEBRAIC THEORY OF MODULAR SYSTEMS , 1996 .

[19]  D. Coppersmith Solving homogeneous linear equations over GF (2) via block Wiedemann algorithm , 1994 .

[20]  Jacques Patarin,et al.  Hidden Fields Equations (HFE) and Isomorphisms of Polynomials (IP): Two New Families of Asymmetric Algorithms , 1996, EUROCRYPT.

[21]  David A. Cox,et al.  Using Algebraic Geometry , 1998 .