Abstract
In this paper, we fully break the Algebraic Surface Cryptosystem (ASC for short) proposed at PKC'2009 [3]. This system is based on an unusual problem in multivariate cryptography: the Section Finding Problem. Given an algebraic surface \(X(x,y,t)\in\mathbb{F}_p[x,y,t]\) such that \(\deg_{xy} X(x,y,t)= w\), the question is to find a pair of polynomials of degree \(d\), \(u_x(t)\) and \(u_y(t)\), such that \(X(u_x(t),u_y(t),t) = 0\). In ASC, the public key is the surface, and the secret key is the section. This asymmetric encryption scheme enjoys reasonably small keys: for the recommended parameters, the secret key is only 102 bits and the public key is 500 bits. In this paper, we propose a message recovery attack whose complexity is quasi-linear in the size of the secret key. The main idea of this algebraic attack is to decompose ideals deduced from the ciphertext in order to avoid solving the Section Finding Problem. Experimental results show that we can break the cipher for the recommended parameters (whose security level is \(2^{102}\)) in 0.05 seconds. Furthermore, the attack still applies even when the secret key is very large (more than 10000 bits). The complexity of the attack is \(\widetilde{\mathcal{O}}(w^{7} d \log(p))\), which is polynomial with respect to all security parameters. In particular, it is quasi-linear in the size of the secret key, which is \((2d+2)\log(p)\). This result is rather surprising, since the algebraic attack is often more efficient than the legitimate decryption algorithm.
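The following is an added example, not code from the paper or from ASC's authors, that makes the Section Finding Problem from the abstract concrete: polynomials over \(\mathbb{F}_p[x,y,t]\) are represented as sparse dictionaries, a candidate section \((u_x(t),u_y(t))\) is verified by substitution, and a surface containing a chosen section is built generically as \(X = (x-u_x(t))\,A + (y-u_y(t))\,B\). That construction is an assumption made for illustration (any such \(X\) vanishes on the section because \((x-u_x, y-u_y)\) generate the ideal of the curve); it is not ASC's key-generation procedure. The prime \(p = 17\) and all polynomials are constructed toy values, far below the recommended parameters. It also computes the secret-key size \((2d+2)\log_2(p)\) stated in the abstract.

```python
import math

P = 17  # constructed toy prime; ASC's recommended p is much larger

# A polynomial in F_p[x, y, t] is a dict {(i, j, k): c} meaning c * x^i * y^j * t^k.


def normalize(poly, p):
    """Reduce coefficients mod p and drop zero terms."""
    return {m: c % p for m, c in poly.items() if c % p}


def add(a, b, p):
    r = dict(a)
    for m, c in b.items():
        r[m] = r.get(m, 0) + c
    return normalize(r, p)


def mul(a, b, p):
    r = {}
    for (i1, j1, k1), c1 in a.items():
        for (i2, j2, k2), c2 in b.items():
            m = (i1 + i2, j1 + j2, k1 + k2)
            r[m] = r.get(m, 0) + c1 * c2
    return normalize(r, p)


def power(a, n, p):
    r = {(0, 0, 0): 1}
    for _ in range(n):
        r = mul(r, a, p)
    return r


def from_t(coeffs, p):
    """Lift a univariate polynomial in t (coefficients, low degree first)
    into the trivariate representation."""
    return normalize({(0, 0, k): c for k, c in enumerate(coeffs)}, p)


def substitute_section(X, ux, uy, p):
    """Return X(u_x(t), u_y(t), t) as a polynomial in t only."""
    UX, UY = from_t(ux, p), from_t(uy, p)
    result = {}
    for (i, j, k), c in X.items():
        term = mul({(0, 0, k): c}, power(UX, i, p), p)
        term = mul(term, power(UY, j, p), p)
        result = add(result, term, p)
    return result


def is_section(X, ux, uy, p):
    """The Section Finding Problem asks for (u_x, u_y) making this True."""
    return substitute_section(X, ux, uy, p) == {}


def deg_xy(X):
    """The parameter w = deg_xy X from the abstract (-1 for the zero polynomial)."""
    return max((i + j for (i, j, _) in X), default=-1)


def surface_from_section(ux, uy, A, B, p):
    """Illustrative construction (assumption, not ASC key generation):
    X = (x - u_x(t)) * A + (y - u_y(t)) * B vanishes on the section."""
    x_minus_ux = add({(1, 0, 0): 1}, {m: -c for m, c in from_t(ux, p).items()}, p)
    y_minus_uy = add({(0, 1, 0): 1}, {m: -c for m, c in from_t(uy, p).items()}, p)
    return add(mul(x_minus_ux, A, p), mul(y_minus_uy, B, p), p)


def secret_key_bits(d, p):
    """Size of the section: 2(d+1) coefficients of F_p, i.e. (2d+2) log2(p) bits."""
    return (2 * d + 2) * math.log2(p)


# Constructed toy instance: section of degree d = 2.
UX = [3, 5, 1]   # u_x(t) = 3 + 5t + t^2
UY = [2, 0, 4]   # u_y(t) = 2 + 4t^2
A = {(1, 1, 0): 2, (0, 0, 1): 1}   # 2xy + t
B = {(0, 1, 0): 1, (1, 0, 2): 3}   # y + 3x t^2
X = surface_from_section(UX, UY, A, B, P)

if __name__ == "__main__":
    print("w = deg_xy X =", deg_xy(X))
    print("true section accepted:", is_section(X, UX, UY, P))
    print("wrong section rejected:", not is_section(X, UX, [2, 0, 5], P))
    print("secret key bits for d=2, p=17:", round(secret_key_bits(2, P), 2))
```

Checking a candidate section is cheap, which is exactly why a valid section can serve as a decryption key; the hardness assumption is that recovering one from the public surface is not, and the paper's point is that the message can be recovered without ever doing so.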
References
Adams, W.W., Loustaunau, P.: An introduction to Gröbner bases. American Mathematical Society (1994)
Akiyama, K., Goto, Y.: An Algebraic Surface Public-key Cryptosystem. IEIC Technical Report (Institute of Electronics, Information and Communication Engineers) 104(421), 13–20 (2004)
Akiyama, K., Goto, Y., Miyake, H.: An Algebraic Surface Cryptosystem. In: Jarecki, S., Tsudik, G. (eds.) PKC 2009. LNCS, vol. 5443, p. 442. Springer, Heidelberg (2009)
Bardet, M., Faugère, J.-C., Salvy, B.: On the complexity of Gröbner basis computation of semi-regular overdetermined algebraic equations. In: Proceedings of the International Conference on Polynomial System Solving, pp. 71–74 (2004)
Bardet, M., Faugère, J.-C., Salvy, B., Yang, B.-Y.: Asymptotic behaviour of the degree of regularity of semi-regular polynomial systems. In: Proceedings of the Eighth International Symposium on Effective Methods in Algebraic Geometry, MEGA (2005)
Cox, D.A., Little, J.B., O’Shea, D.: Ideals, varieties, and algorithms: an introduction to computational algebraic geometry and commutative algebra. Springer, Heidelberg (1997)
Faugère, J.-C.: A new efficient algorithm for computing Gröbner bases (F4). Journal of Pure and Applied Algebra 139, 61–88 (1999)
Faugère, J.-C.: A new efficient algorithm for computing Gröbner bases without reduction to zero (F5). In: Proceedings of the 2002 international symposium on symbolic and algebraic computation, pp. 75–83. ACM, New York (2002)
Faugère, J.-C., Gianni, P., Lazard, D., Mora, T.: Efficient computation of zero-dimensional Gröbner bases by change of ordering. Journal of Symbolic Computation 16(4), 329–344 (1993)
Garey, M.R., Johnson, D.S., et al.: Computers and Intractability: A Guide to the Theory of NP-completeness. W.H. Freeman, San Francisco (1979)
Ivanov, P., Voloch, J.F.: Breaking the Akiyama-Goto cryptosystem. Arithmetic, Geometry, Cryptography and Coding Theory 487 (2009)
Iwami, M.: A Reduction Attack on Algebraic Surface Public-Key Cryptosystems. In: Workshop of Research Institute for Mathematical Sciences (RIMS) Kyoto University, New development of research on Computer Algebra, RIMS Kokyuroku, vol. 1572. Springer, Heidelberg (2007)
Lazard, D.: Gröbner bases, Gaussian elimination and resolution of systems of algebraic equations. In: EUROCAL, vol. 162, pp. 146–156. Springer, Heidelberg (1983)
Lecerf, G.: New recombination algorithms for bivariate polynomial factorization based on Hensel lifting. To appear in AAECC (2007)
Patarin, J.: Hidden fields equations (HFE) and isomorphisms of polynomials (IP): Two new families of asymmetric algorithms. In: Maurer, U.M. (ed.) EUROCRYPT 1996. LNCS, vol. 1070, pp. 33–48. Springer, Heidelberg (1996)
Shor, P.W.: Algorithms for quantum computation: discrete logarithms and factoring. In: SFCS 1994: Proceedings of the 35th Annual Symposium on Foundations of Computer Science, Washington, DC, USA, pp. 124–134. IEEE Computer Society Press, Los Alamitos (1994)
Uchiyama, S., Tokunaga, H.: On the Security of the Algebraic Surface Public-key Cryptosystems. In: Proceedings of SCIS (2007)
von zur Gathen, J., Gerhard, J.: Modern computer algebra. Cambridge University Press, Cambridge (2003)
© 2010 Springer-Verlag Berlin Heidelberg
Cite this paper
Faugère, JC., Spaenlehauer, PJ. (2010). Algebraic Cryptanalysis of the PKC’2009 Algebraic Surface Cryptosystem. In: Nguyen, P.Q., Pointcheval, D. (eds) Public Key Cryptography – PKC 2010. PKC 2010. Lecture Notes in Computer Science, vol 6056. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-13013-7_3
DOI: https://doi.org/10.1007/978-3-642-13013-7_3
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-13012-0
Online ISBN: 978-3-642-13013-7