Solving Multiple Right Hand Sides linear equations

Published in: Designs, Codes and Cryptography

Abstract

A new method for solving the algebraic equation systems that commonly arise in cryptanalysis is proposed. Our method differs from other approaches in that the equations are not represented as multivariate polynomials, but as a system of Multiple Right Hand Sides (MRHS) linear equations. The method was tested on scaled-down versions of the AES. The results significantly improve on what was previously achieved with Gröbner basis related algorithms.



Correspondence to Igor Semaev.


Raddum, H., Semaev, I. Solving Multiple Right Hand Sides linear equations. Des. Codes Cryptogr. 49, 147–160 (2008). https://doi.org/10.1007/s10623-008-9180-z
