Improved Cryptanalysis of HFEv- via Projection

  • Jintai Ding
  • Ray Perlner
  • Albrecht Petzoldt
  • Daniel Smith-Tone
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10786)

Abstract

The HFEv- signature scheme is one of the most studied multivariate schemes and one of the major candidates for the upcoming standardization of post-quantum digital signature schemes. In this paper, we propose three new attack strategies against HFEv-, each of them using the idea of projection. Our third attack in particular is very effective and is, for some parameter sets, the most efficient known attack against HFEv-. Furthermore, our attack requires much less memory than direct and rank attacks. Our work therefore gives new insights into the security of the HFEv- signature scheme and yields restrictions on the parameter choice of a possible future standardized HFEv- instance.

Keywords

Multivariate cryptography, HFEv-, MinRank, Gröbner basis, Projection

Acknowledgements

We thank the anonymous reviewers of PQCrypto for their valuable comments which helped to improve this paper. In particular we want to thank the shepherd for her help in creating the final version of this paper.

Copyright information

© Springer International Publishing AG, part of Springer Nature (outside the US) 2018

Authors and Affiliations

  • Jintai Ding (1)
  • Ray Perlner (2)
  • Albrecht Petzoldt (2)
  • Daniel Smith-Tone (2, 3)

  1. Department of Mathematical Sciences, University of Cincinnati, Cincinnati, USA
  2. National Institute of Standards and Technology, Gaithersburg, USA
  3. Department of Mathematics, University of Louisville, Louisville, USA