Differential Properties of the HFE Cryptosystem
Multivariate Public Key Cryptography (MPKC) has been put forth as a possible post-quantum family of cryptographic schemes. These schemes lack provable security in the reduction theoretic sense, and so their security against yet undiscovered attacks remains uncertain. The effectiveness of differential attacks on various field-based systems has prompted the investigation of differential properties of multivariate schemes to determine the extent to which they are secure from differential adversaries. Due to its role as a basis for both encryption and signature schemes we contribute to this investigation focusing on the HFE cryptosystem. We derive the differential symmetric and invariant structure of the HFE central map and that of HFE − and provide a collection of parameter sets which make these HFE systems provably secure against a differential symmetric or differential invariant attack.
Unable to display preview. Download preview PDF.
- 3.Perlner, R.A., Smith-Tone, D.: A classification of differential invariants for multivariate post-quantum cryptosystems. In: , pp. 165–173Google Scholar
- 6.Patarin, J.: Cryptoanalysis of the Matsumoto and Imai Public Key Scheme of Eurocrypt’88. In: Coppersmith, D. (ed.) CRYPTO 1995. LNCS, vol. 963, pp. 248–261. Springer, Heidelberg (1995)Google Scholar
- 10.Ding, J., Kleinjung, T.: Degree of regularity for hfe-. IACR Cryptology ePrint Archive 2011, 570 (2011)Google Scholar
- 11.Ding, J., Yang, B.Y.: Degree of regularity for hfev and hfev-. In:  pp. 52–66Google Scholar
- 14.Patarin, J.: The oil and vinegar algorithm for signatures. Presented at the Dagsthul Workshop on Cryptography (1997)Google Scholar
- 15.Moody, D., Perlner, R.A., Smith-Tone, D.: An asymptotically optimal structural attack on the abc multivariate encryption scheme. In: Mosca, M. (ed.) PQCrypto 2014. LNCS, vol. 8772, pp. 180–196. Springer, Heidelberg (2014)Google Scholar
- 23.Bardet, M., Faugere, J.C., Salvy, B.: On the complexity of gröbner basis computation of semi-regular overdetermined algebraic equations. In: Proceedings of the International Conference on Polynomial System Solving (2004)Google Scholar