HFERP - A New Multivariate Encryption Scheme

  • Yasuhiko Ikematsu
  • Ray Perlner
  • Daniel Smith-Tone
  • Tsuyoshi Takagi
  • Jeremy Vates
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10786)


In 2016, Yasuda et al. presented a new multivariate encryption technique, which they called SRP, based on the Square and Rainbow primitives and utilizing the plus modifier. The scheme achieved a smaller blow-up factor between the plaintext space and ciphertext space than most recent multivariate encryption proposals, but proved to be too aggressive and was completely broken by Perlner et al. in 2017. The scheme suffered from the same MinRank weakness that has allowed effective attacks on several notable big field multivariate schemes, for example HFE, multi-HFE and HFE-.

We propose a related new encryption scheme that retains the desirable traits of SRP and patches its weaknesses. We call the scheme HFERP because it uses a construction similar to that of SRP, with an HFE primitive replacing the Square polynomial. The effect of this substitution is to increase the Q-rank of the public key to such a degree that the MinRank attack is impossible. HFERP still retains the relatively small blow-up factor between the plaintext space and ciphertext space, and is thus a candidate for secure multivariate encryption without an essential doubling in size between plaintext and ciphertext.


Keywords: Multivariate cryptography; HFE; Encryption; MinRank; Q-rank



The first and fourth authors were supported by JST CREST (Grant Number JPMJCR14D6).



Copyright information

© Springer International Publishing AG, part of Springer Nature (outside the US) 2018

Authors and Affiliations

  • Yasuhiko Ikematsu (3)
  • Ray Perlner (2)
  • Daniel Smith-Tone (1, 2)
  • Tsuyoshi Takagi (3)
  • Jeremy Vates (1)

  1. Department of Mathematics, University of Louisville, Louisville, USA
  2. National Institute of Standards and Technology, Gaithersburg, USA
  3. Institute of Mathematics for Industry, Kyushu University, Fukuoka, Japan
