Improved Attacks for Characteristic-2 Parameters of the Cubic ABC Simple Matrix Encryption Scheme

Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10346)


In the last few years multivariate public key cryptography has experienced an infusion of new ideas for encryption. Among these new strategies is the ABC Simple Matrix family of encryption schemes which utilize the structure of a large matrix algebra to construct effectively invertible systems of nonlinear equations hidden by an isomorphism of polynomials. One promising approach to cryptanalyzing these schemes has been structural cryptanalysis, based on applying a strategy similar to MinRank attacks to the discrete differential. These attacks however have been significantly more expensive when applied to parameters using fields of characteristic 2, which have been the most common choice for published parameters. This disparity is especially great for the cubic version of the Simple Matrix Encryption Scheme.

In this work, we demonstrate a technique that can be used to implement a structural attack which is as efficient against parameters of characteristic 2 as are attacks against analogous parameters over higher characteristic fields. This attack demonstrates that, not only is the cubic simple matrix scheme susceptible to structural attacks, but that the published parameters claiming 80 bits of security are less secure than claimed (albeit only slightly.) Similar techniques can also be applied to improve structural attacks against the original Simple Matrix Encryption scheme, but they represent only a modest improvement over previous structural attacks. This work therefore demonstrates that choosing a field of characteristic 2 for the Simple Matrix Encryption Scheme or its cubic variant will not provide any additional security value.


Multivariate public key cryptography Differential invariant MinRank Encryption 


  1. 1.
    Shor, P.W.: Polynomial-time algorithms for prime factorization and discrete logarithms on a quantum computer. SIAM J. Sci. Stat. Comp. 26, 1484 (1997)MathSciNetCrossRefzbMATHGoogle Scholar
  2. 2.
    Feynman, R.P.: Simulating physics with computers. Int. J. Theor. Phys. 21, 467–488 (1982)MathSciNetCrossRefGoogle Scholar
  3. 3.
    Group, C.T.: Submission requirements and evaluation criteria for the post-quantum cryptogra-phy standardization process. NIST CSRC (2016).
  4. 4.
    Kipnis, A., Patarin, J., Goubin, L.: Unbalanced oil and vinegar signature schemes. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 206–222. Springer, Heidelberg (1999). doi: 10.1007/3-540-48910-X_15 CrossRefGoogle Scholar
  5. 5.
    Patarin, J., Goubin, L., Courtois, N.: C \(_{-+}\) \(^{*}\) and HM: variations around two schemes of T. Matsumoto and H. Imai. In: Ohta, K., Pei, D. (eds.) ASIACRYPT 1998. LNCS, vol. 1514, pp. 35–50. Springer, Heidelberg (1998). doi: 10.1007/3-540-49649-1_4 CrossRefGoogle Scholar
  6. 6.
    Patarin, J., Courtois, N., Goubin, L.: QUARTZ, 128-bit long digital signatures. In: Naccache, D. (ed.) CT-RSA 2001. LNCS, vol. 2020, pp. 282–297. Springer, Heidelberg (2001). doi: 10.1007/3-540-45353-9_21 CrossRefGoogle Scholar
  7. 7.
    Petzoldt, A., Bulygin, S., Buchmann, J.: CyclicRainbow – a multivariate signature scheme with a partially cyclic public key. In: Gong, G., Gupta, K.C. (eds.) INDOCRYPT 2010. LNCS, vol. 6498, pp. 33–48. Springer, Heidelberg (2010). doi: 10.1007/978-3-642-17401-8_4 CrossRefGoogle Scholar
  8. 8.
    Petzoldt, A., Chen, M.-S., Yang, B.-Y., Tao, C., Ding, J.: Design principles for HFEv- based multivariate signature schemes. In: Iwata, T., Cheon, J.H. (eds.) ASIACRYPT 2015. LNCS, vol. 9452, pp. 311–334. Springer, Heidelberg (2015). doi: 10.1007/978-3-662-48797-6_14 CrossRefGoogle Scholar
  9. 9.
    Ding, J., Yang, B.-Y.: Degree of regularity for HFEv and HFEv-. In: Gaborit, P. (ed.) PQCrypto 2013. LNCS, vol. 7932, pp. 52–66. Springer, Heidelberg (2013). doi: 10.1007/978-3-642-38616-9_4 CrossRefGoogle Scholar
  10. 10.
    Goubin, L., Courtois, N.T.: Cryptanalysis of the TTM cryptosystem. In: Okamoto, T. (ed.) ASIACRYPT 2000. LNCS, vol. 1976, pp. 44–57. Springer, Heidelberg (2000). doi: 10.1007/3-540-44448-3_4 CrossRefGoogle Scholar
  11. 11.
    Tsujii, S., Gotaishi, M., Tadaki, K., Fujita, R.: Proposal of a signature scheme based on STS trapdoor. In: Sendrier, N. (ed.) PQCrypto 2010. LNCS, vol. 6061, pp. 201–217. Springer, Heidelberg (2010). doi: 10.1007/978-3-642-12929-2_15 CrossRefGoogle Scholar
  12. 12.
    Porras, J., Baena, J., Ding, J.: ZHFE, a new multivariate public key encryption scheme. In: [23], pp. 229–245 (2014)Google Scholar
  13. 13.
    Tao, C., Diene, A., Tang, S., Ding, J.: Simple matrix scheme for encryption. In: [24], pp. 231–242 (2013)Google Scholar
  14. 14.
    Ding, J., Petzoldt, A., Wang, L.: The cubic simple matrix encryption scheme. In: [23], pp. 76–87 (2014)Google Scholar
  15. 15.
    Szepieniec, A., Ding, J., Preneel, B.: Extension field cancellation: a new central trapdoor for multivariate quadratic systems. In: [25], pp. 182–196 (2016)Google Scholar
  16. 16.
    Perlner, R.A., Smith-Tone, D.: Security analysis and key modification for ZHFE. In: [25], pp. 197–212 (2016)Google Scholar
  17. 17.
    Moody, D., Perlner, R.A., Smith-Tone, D.: An asymptotically optimal structural attack on the ABC multivariate encryption scheme. In: [23], pp. 180–196 (2014)Google Scholar
  18. 18.
    Moody, D., Perlner, R.A., Smith-Tone, D.: Key recovery attack on the cubic ABC simple matrix multivariate encryption scheme. In: Lange, T., Takagi, T. (eds.) PQCrypto 2017. LNCS, vol. 10346, pp. 255–271. Springer, Cham (2017)Google Scholar
  19. 19.
    Barker, E., Roginsky, A.: Transitions: recommendation for transitioning the use of cryptographic algorithms and key lengths. NIST Special Publication (2015).
  20. 20.
    Diene, A., Tao, C., Ding, J.: Simple matrix scheme for encryption (ABC). In: PQCRYPTO 2013 (2013).
  21. 21.
    Yang, B.-Y., Chen, J.-M.: Building secure tame-like multivariate public-key cryptosystems: the new TTS. In: Boyd, C., González Nieto, J.M. (eds.) ACISP 2005. LNCS, vol. 3574, pp. 518–531. Springer, Heidelberg (2005). doi: 10.1007/11506157_43 CrossRefGoogle Scholar
  22. 22.
    Developers, T.S.: SageMath, the Sage Mathematics Software System (SAGE, Version 7.2) (2016).
  23. 23.
    Mosca, M. (ed.): PQCrypto 2014. LNCS, vol. 8772. Springer, Cham (2014). doi: 10.1007/978-3-319-11659-4 zbMATHGoogle Scholar
  24. 24.
    Gaborit, P. (ed.): PQCrypto 2013. LNCS, vol. 7932. Springer, Heidelberg (2013). doi: 10.1007/978-3-642-38616-9 zbMATHGoogle Scholar
  25. 25.
    Takagi, T. (ed.): PQCrypto 2016. LNCS, vol. 9606. Springer, Cham (2016). doi: 10.1007/978-3-319-29360-8 zbMATHGoogle Scholar

Copyright information

© Springer International Publishing AG (outside the US) 2017

Authors and Affiliations

  1. 1.National Institute of Standards and TechnologyGaithersburgUSA
  2. 2.Department of MathematicsUniversity of LouisvilleLouisvilleUSA

Personalised recommendations