Attacking a polynomial-based cryptosystem: Polly Cracker

Abstract. We describe several attacks on Polly Cracker, a public key cryptosystem proposed by Fellows and Koblitz. The first kind of attack shows that variations in the CPU time needed for evaluating polynomials can leak significant information about the secret key. This kind of attack might also be of interest when dealing with other cryptosystems using polynomial evaluations, like Patarin’s hidden fields equations. Next, we exhibit some “structural” weaknesses in Polly Cracker’s encryption procedure. In particular, we demonstrate that with the parameters considered in a book by Koblitz it is often possible to reveal the private key easily.
