Public-Key Cryptography from New Multivariate Quadratic Assumptions

In this work, we study a new multivariate quadratic (MQ) assumption that can be used to construct public-key encryptions. In particular, we research in the following two directions: We establish a precise asymptotic formulation of a family of hard MQ problems, and provide empirical evidence to confirm the hardness. We construct public-key encryption schemes, and prove their security under the hardness assumption of this family. Also, we provide a new perspective to look at MQ systems that plays a key role to our design and proof of security. As a consequence, we construct the first public-key encryption scheme that is provably secure under the MQ assumption. Moreover, our public-key encryption scheme is efficient in the sense that it only needs a ciphertext length L +poly(k ) to encrypt a message M ∈{0, 1}L for any un-prespecified polynomial L , where k is the security parameter. This is essentially optimal since an additive overhead is the best we can hope for.

[1]  Josef Pieprzyk,et al.  Cryptanalysis of Block Ciphers with Overdefined Systems of Equations , 2002, ASIACRYPT.

[2]  Luk Bettale,et al.  Cryptanalysis of Multivariate and Odd-Characteristic HFE Variants , 2011, Public Key Cryptography.

[3]  Jacques Stern,et al.  Practical Cryptanalysis of SFLASH , 2007, CRYPTO.

[4]  Oded Goldreich,et al.  Foundations of Cryptography: Basic Tools , 2000 .

[5]  Oded Regev,et al.  On lattices, learning with errors, random linear codes, and cryptography , 2005, STOC '05.

[6]  Thomas Holenstein,et al.  Pseudorandom Generators from One-Way Functions: A Simple Construction for Any Hardness , 2006, TCC.

[7]  Robert J. McEliece,et al.  A public key cryptosystem based on algebraic coding theory , 1978 .

[8]  Claus Diem,et al.  The XL-Algorithm and a Conjecture from Commutative Algebra , 2004, ASIACRYPT.

[9]  Ronitt Rubinfeld,et al.  Learning Polynomials with Queries: The Highly Noisy Case , 2000, SIAM J. Discret. Math..

[10]  Yannick Seurin,et al.  Analysis of Intermediate Field Systems , 2009, IACR Cryptol. ePrint Arch..

[11]  Louis Goubin,et al.  Asymmetric cryptography with S-Boxes , 1997, ICICS.

[12]  Avi Wigderson,et al.  Public-key cryptography from different assumptions , 2010, STOC '10.

[13]  Oded Goldreich,et al.  Foundations of Cryptography: List of Figures , 2001 .

[14]  Oded Goldreich Foundations of Cryptography: Index , 2001 .

[15]  Bo-Yin Yang,et al.  Odd-Char Multivariate Hidden Field Equations , 2008, IACR Cryptol. ePrint Arch..

[16]  Leonard J. Schulman Proceedings of the 42nd ACM Symposium on Theory of Computing, STOC 2010, Cambridge, Massachusetts, USA, 5-8 June 2010 , 2010, STOC.

[17]  Jacques Patarin,et al.  Cryptanalysis of the Matsumoto and Imai Public Key Scheme of Eurocrypt'88 , 1995, CRYPTO.

[18]  Phong Q. Nguyen,et al.  BKZ 2.0: Better Lattice Security Estimates , 2011, ASIACRYPT.

[19]  Bo-Yin Yang,et al.  Analysis of QUAD , 2007, FSE.

[20]  Jacques Patarin,et al.  Asymmetric Cryptography with a Hidden Monomial , 1996, CRYPTO.

[21]  Feng-Hao Liu,et al.  Secure PRNGs from Specialized Polynomial Maps over Any , 2008, PQCrypto.

[22]  Chen-Mou Cheng,et al.  Could SFLASH be Repaired? , 2008, ICALP.

[23]  Bo-Yin Yang,et al.  On Asymptotic Security Estimates in XL and Gröbner Bases-Related Algebraic Cryptanalysis , 2004, ICICS.

[24]  Russell Impagli A Personal View of Average-Case Complexity , 1995 .

[25]  Andrew Chi-Chih Yao,et al.  Theory and Applications of Trapdoor Functions (Extended Abstract) , 1982, FOCS.

[26]  E. Kushilevitz Foundations of Cryptography Foundations of Cryptography , 2014 .

[27]  Jacques Patarin,et al.  QUAD: A Practical Stream Cipher with Provable Security , 2006, EUROCRYPT.

[28]  Andrey Bogdanov,et al.  Time-Area Optimized Public-Key Engines: MQ-Cryptosystems as Replacement for Elliptic Curves? , 2008, IACR Cryptol. ePrint Arch..

[29]  Manuel Blum,et al.  A Simple Unpredictable Pseudo-Random Number Generator , 1986, SIAM J. Comput..

[30]  F. S. Macaulay Some Formulæ in Elimination , 1902 .

[31]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[32]  Cynthia Dwork,et al.  A public-key cryptosystem with worst-case/average-case equivalence , 1997, STOC '97.

[33]  J. Faugère,et al.  On the complexity of Gröbner basis computation of semi-regular overdetermined algebraic equations , 2004 .

[34]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[35]  Yael Tauman Kalai,et al.  Public-Key Encryption Schemes with Auxiliary Inputs , 2010, TCC.

[36]  Aviezri S. Fraenkel,et al.  Complexity of Solving Algebraic Equations , 1980, Inf. Process. Lett..

[37]  Brent Waters,et al.  A Framework for Efficient and Composable Oblivious Transfer , 2008, CRYPTO.

[38]  Jean Charles Faugère,et al.  A new efficient algorithm for computing Gröbner bases without reduction to zero (F5) , 2002, ISSAC '02.

[39]  Louis Goubin,et al.  C*-+ and HM: Variations Around Two Schemes of T. Matsumoto and H. Imai , 1998, ASIACRYPT.

[40]  Leonid A. Levin,et al.  A hard-core predicate for all one-way functions , 1989, STOC '89.

[41]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[42]  Chen-Mou Cheng,et al.  SSE Implementation of Multivariate PKCs on Modern x86 CPUs , 2009, CHES.

[43]  Burton S. Kaliski,et al.  A Pseudo-Random Bit Generator Based on Elliptic Logarithms , 1986, CRYPTO.

[44]  Craig Gentry,et al.  Trapdoors for hard lattices and new cryptographic constructions , 2008, IACR Cryptol. ePrint Arch..

[45]  Reza Rezaeian Farashahi,et al.  Efficient Pseudorandom Generators Based on the DDH Assumption , 2007, Public Key Cryptography.

[46]  Manuel Blum,et al.  How to generate cryptographically strong sequences of pseudo random bits , 1982, 23rd Annual Symposium on Foundations of Computer Science (sfcs 1982).

[47]  Omer Reingold,et al.  Efficiency improvements in constructing pseudorandom generators from one-way functions , 2010, STOC '10.

[48]  Hideki Imai,et al.  Comparison Between XL and Gröbner Basis Algorithms , 2004, ASIACRYPT.

[49]  Adi Shamir,et al.  Efficient Algorithms for Solving Overdefined Systems of Multivariate Polynomial Equations , 2000, EUROCRYPT.

[50]  Hideki Imai,et al.  Public Quadratic Polynominal-Tuples for Efficient Signature-Verification and Message-Encryption , 1988, EUROCRYPT.

[51]  Antoine Joux,et al.  Algebraic Cryptanalysis of Hidden Field Equation (HFE) Cryptosystems Using Gröbner Bases , 2003, CRYPTO.

[52]  Bo-Yin Yang,et al.  All in the XL Family: Theory and Practice , 2004, ICISC.

[53]  Leonid A. Levin,et al.  A Pseudorandom Generator from any One-way Function , 1999, SIAM J. Comput..

[54]  Jacques Stern,et al.  Cryptanalysis of SFLASH with Slightly Modified Parameters , 2007, EUROCRYPT.

[55]  Chris Peikert,et al.  Public-key cryptosystems from the worst-case shortest vector problem: extended abstract , 2009, STOC '09.