Algebraic Attack on HFE Revisited

  • Jintai Ding
  • Dieter Schmidt
  • Fabian Werner
Conference paper

DOI: 10.1007/978-3-540-85886-7_15

Part of the Lecture Notes in Computer Science book series (LNCS, volume 5222)
Cite this paper as:
Ding J., Schmidt D., Werner F. (2008) Algebraic Attack on HFE Revisited. In: Wu TC., Lei CL., Rijmen V., Lee DT. (eds) Information Security. ISC 2008. Lecture Notes in Computer Science, vol 5222. Springer, Berlin, Heidelberg

Abstract

In this paper, we study how the algebraic attack on the HFE multivariate public key cryptosystem works if we build an HFE cryptosystem on a finite field whose characteristic is not two. Using some very basic algebraic geometry we argue that when the characteristic is not two the algebraic attack should not be polynomial in the range of the parameters which are used in practical applications. We further support our claims with extensive experiments using the Magma implementation of F4, which is currently the best publicly available implementation of the Gröbner basis algorithm. We present a new variant of the HFE cryptosystems, where we project the public key of HFE to a space of one dimension lower. This protects the system from the Kipnis-Shamir attack and makes the decryption process avoid multiple candidates for the plaintext. We propose an example for a practical application on GF(11) and suggest a test challenge on GF(7).

Keywords

HFE Gröbner basis multivariate public key cryptosystem 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Copyright information

© Springer-Verlag Berlin Heidelberg 2008

Authors and Affiliations

  • Jintai Ding
    • 1
  • Dieter Schmidt
    • 1
  • Fabian Werner
    • 2
  1. 1.University of Cincinnati 
  2. 2.Technical University of Darmstadt 

Personalised recommendations