Asymmetric Cryptography with S-Boxes: Is it easier than expected to design efficient asymmetric cryptosystems?
In this paper, we study some new “candidate” asymmetric cryptosystems based on the idea of hiding one or two rounds of small S-box computations with secret functions of degree one or two. The C* scheme of  (when its n_i values are small) can be seen as a very special case of these schemes. This C* scheme was broken in  due to unexpected algebraic properties. In the new schemes, those algebraic properties generally do not exist. Nevertheless, we will see that most of the “new” algorithms can also be broken, and we deduce some very different cryptanalyses of C*.
However, we were not able to find a cryptanalysis of all the new schemes, for example the two-round schemes. An interest of the paper therefore lies in highlighting these new schemes. The main practical advantage of these schemes is that the secret computations are easy and can be performed in low-cost smartcards.
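To make the construction concrete, here is a toy one-round instance written for this page (it is not code from the paper): two 3-bit S-boxes computed side by side, hidden by secret affine (degree-one) bijections U and T over GF(2)^6. The block size, the S-box (the cube map over GF(2^3), which is quadratic), the table-based storage of U and T, and all function names are my own choices; the example shows that the published map has the same algebraic degree as the S-box layer, while the secret side needs only table lookups.

```python
import random
from functools import reduce

N = 6        # block size in bits: two 3-bit S-boxes computed side by side
# Constructed S-box: x -> x^3 over GF(2^3) (field polynomial x^3 + x + 1),
# a permutation whose three coordinate functions are quadratic.
SBOX = [0, 1, 3, 4, 5, 6, 7, 2]
SBOX_INV = [SBOX.index(v) for v in range(8)]

def sbox_layer(x, table=SBOX):  # one round: the 3-bit table on both halves of x
    return (table[x >> 3] << 3) | table[x & 7]

def random_affine(rng):
    """Secret affine bijection x -> A x + c on N bits, as (forward, inverse) tables.
    A is N random row bitmasks; output bit i is the parity of row_i AND x."""
    while True:
        rows, c = [rng.getrandbits(N) for _ in range(N)], rng.getrandbits(N)
        fwd = [sum((bin(r & x).count("1") & 1) << i for i, r in enumerate(rows)) ^ c
               for x in range(1 << N)]
        if len(set(fwd)) == 1 << N:                      # keep only invertible A
            return fwd, [x for _, x in sorted(zip(fwd, range(1 << N)))]

def keygen(seed=1):  # secret key: the hiding maps U (input side) and T (output side)
    rng = random.Random(seed)
    return {"U": random_affine(rng), "T": random_affine(rng)}

def anf(table):
    """Moebius transform: truth table -> ANF; entry m is the coefficient vector
    (one bit per output) of the monomial prod_{i in m} x_i."""
    coeffs = list(table)
    for i in range(N):
        for m in range(1 << N):
            if m >> i & 1:
                coeffs[m] ^= coeffs[m ^ (1 << i)]
    return coeffs

def public_key(sk):
    """Publish T(S(U(x))) as N polynomials over GF(2); U and T stay secret."""
    U, T = sk["U"][0], sk["T"][0]
    return anf([T[sbox_layer(U[x])] for x in range(1 << N)])

def encrypt(pk, x):
    """Public operation: XOR the coefficients of every monomial contained in x."""
    return reduce(lambda acc, m: acc ^ pk[m], (m for m in range(1 << N) if m & x == m), 0)

def decrypt(sk, y):  # trapdoor: undo T, invert each small S-box by table, undo U
    return sk["U"][1][sbox_layer(sk["T"][1][y], SBOX_INV)]

def degree(coeffs):  # algebraic degree: heaviest monomial with a nonzero coefficient
    return max(bin(m).count("1") for m in range(1 << N) if coeffs[m])
```

With a degree-two S-box, `degree(public_key(sk))` is 2 for every key, whereas an affine layer on its own has degree 1: the hiding maps conceal the S-box structure but not the degree of the public polynomials.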
An extended version of this paper can be obtained from the authors.
Keywords: Finite Field, Multivariate Polynomial, Round Function, Functional Decomposition, Differential Cryptanalysis
- 1. Eli Biham, Adi Shamir, Differential Cryptanalysis of the Full 16-Round DES, CRYPTO'92, Springer-Verlag, pp. 487–496.
- 2. Ian Blake, XuHong Gao, Ronald Mullin, Scott Vanstone, Tomik Yaghoobian, Applications of Finite Fields, Kluwer Academic Publishers, p. 25.
- 3. Matthew Dickerson, The Functional Decomposition of Polynomials, Ph.D. thesis, TR 89-1023, Department of Computer Science, Cornell University, Ithaca, NY, July 1989.
- 4. Matthew Dickerson, The Inverse of an Automorphism in Polynomial Time, IEEE 30th Annual Symposium on Foundations of Computer Science (FOCS), 1989, pp. 82–87.
- 5. Harriet Fell and Whitfield Diffie, Analysis of a Public Key Approach Based on Polynomial Substitutions, CRYPTO'85, Springer-Verlag, pp. 340–349.
- 6. Michael Garey, David Johnson, Computers and Intractability: A Guide to the Theory of NP-Completeness, Freeman, p. 251.
- 7. Henri Gilbert, Pascal Chauvaud, A Chosen Plaintext Attack of the 16-Round Khufu Cryptosystem, CRYPTO'94, Springer-Verlag, pp. 359–368.
- 8. Joe Kilian, Phillip Rogaway, How to Protect DES against Exhaustive Key Search, CRYPTO'96, Springer-Verlag, pp. 252–267.
- 9. Rudolf Lidl, Harald Niederreiter, Finite Fields, Encyclopedia of Mathematics and its Applications, volume 20, Cambridge University Press, p. 287.
- 10. Tsutomu Matsumoto, Hideki Imai, Public Quadratic Polynomial-Tuples for Efficient Signature-Verification and Message-Encryption, EUROCRYPT'88, Springer-Verlag, pp. 419–453.
- 11. Jacques Patarin, Cryptanalysis of the Matsumoto and Imai Public Key Scheme of Eurocrypt'88, CRYPTO'95, Springer-Verlag, pp. 248–261.
- 12. Jacques Patarin, Hidden Fields Equations (HFE) and Isomorphisms of Polynomials (IP): Two New Families of Asymmetric Algorithms, EUROCRYPT'96, Springer-Verlag, pp. 33–48.
- 13. Jacques Patarin, Asymmetric Cryptography with a Hidden Monomial, CRYPTO'96, Springer-Verlag, pp. 45–60.
- 14. Jacques Patarin, Louis Goubin, Trapdoor One-Way Permutations and Multivariate Polynomials, ICICS'97 (this conference).
- 15. Joachim von zur Gathen, Functional Decomposition of Polynomials: the Tame Case, J. Symbolic Computation (1990), vol. 9, pp. 281–299.
- 16. Joachim von zur Gathen, Functional Decomposition of Polynomials: the Wild Case, J. Symbolic Computation (1990), vol. 10, pp. 437–452.