QUAD: A Practical Stream Cipher with Provable Security

We introduce a practical stream cipher with provable security named QUAD. The cipher relies on the iteration of a multivariate quadratic system of m equations in n < m unknowns over a finite field. The security of the keystream generation of QUAD is provably reducible to the conjectured intractability of the MQ problem, namely solving a multivariate system of quadratic equations. Our recommended version of QUAD uses an 80-bit key, an 80-bit IV and an internal state of n = 160 bits. It outputs 160 keystream bits (m = 320) at each iteration until 2^40 bits of keystream have been produced.
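A toy QUAD-style keystream generator over GF(2), added here as an illustration and not the paper's own code. It assumes that the first n equations give the next state and the remaining n the output block, seeds the state directly instead of running the key/IV setup (which the abstract does not describe), and uses n = 8 rather than 160, so it only shows the iteration, not a secure instance.

```python
import random

# Added example (not from the paper): QUAD-style iteration of a random
# multivariate quadratic system over GF(2) with m = 2n equations.

def random_quadratic_system(m, n, rng):
    """m random quadratic polynomials in n variables over GF(2).
    A polynomial is (monomials, constant); monomials is a list of (i, j), i <= j,
    standing for x_i * x_j (for i == j this is x_i, since x^2 = x over GF(2))."""
    system = []
    for _ in range(m):
        monos = [(i, j) for i in range(n) for j in range(i, n) if rng.getrandbits(1)]
        system.append((monos, rng.getrandbits(1)))
    return system

def evaluate(system, x):
    """Evaluate every polynomial of the system at the bit vector x (0/1 list)."""
    out = []
    for monos, const in system:
        v = const
        for i, j in monos:
            v ^= x[i] & x[j]   # product of two bits, summed modulo 2
        out.append(v)
    return out

def quad_keystream(system, state, nbits):
    """Iterate the system: each step maps the n-bit state to m = 2n bits.
    Assumption (not fixed by the abstract): the first n equations form the
    next state, the remaining n bits are emitted as keystream."""
    n = len(state)
    if len(system) != 2 * n:
        raise ValueError("QUAD needs m = 2n equations")
    ks = []
    while len(ks) < nbits:
        y = evaluate(system, state)
        state, block = y[:n], y[n:]
        ks.extend(block)
    return ks[:nbits]

def demo_keystream(n, seed, nbits):
    """Constructed toy run: seeded random system and state, nbits of keystream."""
    rng = random.Random(seed)                      # fixed seed, reproducible demo
    system = random_quadratic_system(2 * n, n, rng)
    state = [rng.getrandbits(1) for _ in range(n)]
    return quad_keystream(system, state, nbits)

if __name__ == "__main__":
    print("".join(map(str, demo_keystream(8, 2006, 32))))   # n = 8, not 160
```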
