Advertisement

Rank Analysis of Cubic Multivariate Cryptosystems

  • John Baena
  • Daniel Cabarcas
  • Daniel E. Escudero
  • Karan Khathuria
  • Javier Verbel
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10786)

Abstract

In this work we analyze the security of cubic cryptographic constructions with respect to rank weakness. We detail how to extend the big field idea from quadratic to cubic, and show that the same rank defect occurs. We extend the min-rank problem and propose an algorithm to solve it in this setting. We show that for fixed small rank, the complexity is even lower than for the quadratic case. However, the rank of a cubic polynomial in n variables can be larger than n, and in this case the algorithm is very inefficient. We show that the rank of the differential is not necessarily smaller, rendering this line of attack useless if the rank is large enough. Similarly, the algebraic attack is exponential in the rank, thus useless for high rank.

Keywords

Multivariate cryptography Cubic polynomials Tensor rank Min-rank 

Notes

Acknowledgements

This work was partially supported by “Fondo Nacional de Financiamiento para la Ciencia, la Tecnología y la Innovación Francisco José de Caldas”, Colciencias (Colombia), Project No. 111865842333 and Contract No. 049-2015.

We would like to thank Jintai Ding for very useful discussions. We would also like to thank the reviewers of PQCrypto 2018 for their constructive reviews and suggestions. And last but not least, we thank the Facultad de Ciencias of the Universidad Nacional de Colombia sede Medellín for granting us access to the Enlace server, where we ran most of the experiments of this paper.

References

  1. 1.
    Aliasgari, M., Sadeghi, M.R., Panario, D.: Gröbner bases for lattices and an algebraic decoding algorithm. In: 2011 49th Annual Allerton Conference on Communication, Control, and Computing (Allerton), pp. 1414–1415, September 2011Google Scholar
  2. 2.
    Bardet, M., Faugère, J.-C., Salvy, B., Yang, B.-Y.: Asymptotic behaviour of the degree of regularity of semi-regular polynomial systems. In: Eighth International Symposium on Effective Methods in Algebraic Geometry, MEGA 2005, pp. 1–14 (2005)Google Scholar
  3. 3.
    Bettale, L., Faugère, J.-C., Perret, L.: Cryptanalysis of HFE, multi-HFE and variants for odd and even characteristic. Des. Codes Crypt. 69(1), 1–52 (2013)MathSciNetCrossRefzbMATHGoogle Scholar
  4. 4.
    Buss, J.F., Frandsen, G.S., Shallit, J.O.: The computational complexity of some problems of linear algebra. J. Comput. Syst. Sci. 58(3), 572–596 (1999)MathSciNetCrossRefzbMATHGoogle Scholar
  5. 5.
    Chen, C.-H.O., Chen, M.-S., Ding, J., Werner, F., Yang, B.-Y.: Odd-char multivariate hidden field equations. IACR Cryptology ePrint Archive, 2008:543 (2008)Google Scholar
  6. 6.
    Ding, J., Hodges, T.J.: Inverting HFE systems is quasi-polynomial for all fields. In: Rogaway, P. (ed.) CRYPTO 2011. LNCS, vol. 6841, pp. 724–742. Springer, Heidelberg (2011).  https://doi.org/10.1007/978-3-642-22792-9_41CrossRefGoogle Scholar
  7. 7.
    Ding, J., Petzoldt, A., Wang, L.: The cubic simple matrix encryption scheme. In: Mosca, M. (ed.) PQCrypto 2014. LNCS, vol. 8772, pp. 76–87. Springer, Cham (2014).  https://doi.org/10.1007/978-3-319-11659-4_5Google Scholar
  8. 8.
    Escudero, D.: Groebner bases and applications to the security of multivariate public key cryptosystems (2016). http://cs.au.dk/~escudero/files/TDG.pdf. Accessed 25 Nov 2017
  9. 9.
    Faugère, J.-C., El Din, M.S., Spaenlehauer, P.-J.: Gröbner bases of bihomogeneous ideals generated by polynomials of bidegree (1,1): algorithms and complexity. J. Symb. Comput. 46(4), 406–437 (2011)CrossRefzbMATHGoogle Scholar
  10. 10.
    Faugère, J.-C.: A new efficient algorithm for computing Gröbner bases \((F_4)\). J. Pure Appl. Algebra 139(1-3), 61–88 (1999). (Effective methods in algebraic geometry, Saint-Malo (1998))Google Scholar
  11. 11.
    Faugère, J.C.: A new efficient algorithm for computing Gröbner bases without reduction to zero (f5). In: Proceedings of 2002 International Symposium on Symbolic and Algebraic Computation, ISSAC 2002, pp. 75–83. ACM, New York (2002)Google Scholar
  12. 12.
    Faugère, J.-C., Levy-dit-Vehel, F., Perret, L.: Cryptanalysis of MinRank. In: Wagner, D. (ed.) CRYPTO 2008. LNCS, vol. 5157, pp. 280–296. Springer, Heidelberg (2008).  https://doi.org/10.1007/978-3-540-85174-5_16CrossRefGoogle Scholar
  13. 13.
    Goubin, L., Courtois, N.T.: Cryptanalysis of the TTM cryptosystem. In: Okamoto, T. (ed.) ASIACRYPT 2000. LNCS, vol. 1976, pp. 44–57. Springer, Heidelberg (2000).  https://doi.org/10.1007/3-540-44448-3_4CrossRefGoogle Scholar
  14. 14.
    Hashimoto, Y.: Multivariate public key cryptosystems. In: Takagi, T., Wakayama, M., Tanaka, K., Kunihiro, N., Kimoto, K., Duong, D. (eds.) Mathematical Modelling for Next-Generation Cryptography. Mathematics for Industry, vol. 29, pp. 17–42. Springer, Singapore (2018).  https://doi.org/10.1007/978-981-10-5065-7_2CrossRefGoogle Scholar
  15. 15.
    Hillar, C.J., Lim, L.-H.: Most tensor problems are NP-hard. J. ACM 60(6), 45:1–45:39 (2013)MathSciNetCrossRefzbMATHGoogle Scholar
  16. 16.
    Hodges, T.J., Petit, C., Schlather, J.: First fall degree and weil descent. Finite Fields Appl. 30, 155–177 (2014)MathSciNetCrossRefzbMATHGoogle Scholar
  17. 17.
    Howell, T.D.: Global properties of tensor rank. Linear Algebra Appl. 22(Suppl. C), 9–23 (1978)MathSciNetCrossRefzbMATHGoogle Scholar
  18. 18.
    Kipnis, A., Shamir, A.: Cryptanalysis of the HFE public key cryptosystem by relinearization. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 19–30. Springer, Heidelberg (1999).  https://doi.org/10.1007/3-540-48405-1_2CrossRefGoogle Scholar
  19. 19.
    Kruskal, J.B.: Three-way arrays: rank and uniqueness of trilinear decompositions, with application to arithmetic complexity and statistics. Linear Algebra Appl. 18(2), 95–138 (1977)MathSciNetCrossRefzbMATHGoogle Scholar
  20. 20.
    Landsberg, J.M.: Tensors: Geometry and Applications. Graduate Studies in Mathematics, vol. 128. American Mathematical Society, Providence (2012)zbMATHGoogle Scholar
  21. 21.
    Lidl, R., Niederreiter, H.: Finite Fields. Encyclopedia of Mathematics and Its Applications, 2nd edn, vol. 20. Cambridge University Press, Cambridge (1997). With a foreword by P.M. CohnGoogle Scholar
  22. 22.
    Makarim, R.H., Stevens, M.: M4GB: an efficient Gröbner-basis algorithm. In: Proceedings of 2017 ACM on International Symposium on Symbolic and Algebraic Computation, ISSAC 2017, pp. 293–300. ACM, New York (2017)Google Scholar
  23. 23.
    Matsumoto, T., Imai, H.: Public quadratic polynomial-tuples for efficient signature-verification and message-encryption. In: Barstow, D., et al. (eds.) EUROCRYPT 1988. LNCS, vol. 330, pp. 419–453. Springer, Heidelberg (1988).  https://doi.org/10.1007/3-540-45961-8_39CrossRefGoogle Scholar
  24. 24.
    Moody, D., Perlner, R., Smith-Tone, D.: An asymptotically optimal structural attack on the ABC multivariate encryption scheme. In: Mosca, M. (ed.) PQCrypto 2014. LNCS, vol. 8772, pp. 180–196. Springer, Cham (2014).  https://doi.org/10.1007/978-3-319-11659-4_11Google Scholar
  25. 25.
    Moody, D., Perlner, R., Smith-Tone, D.: Improved attacks for characteristic-2 parameters of the cubic ABC simple matrix encryption scheme. In: Lange, T., Takagi, T. (eds.) PQCrypto 2017. LNCS, vol. 10346, pp. 255–271. Springer, Cham (2017).  https://doi.org/10.1007/978-3-319-59879-6_15CrossRefGoogle Scholar
  26. 26.
    Moody, D., Perlner, R., Smith-Tone, D.: Key recovery attack on the cubic ABC simple matrix multivariate encryption scheme. In: Avanzi, R., Heys, H. (eds.) SAC 2016. LNCS, vol. 10532, pp. 543–558. Springer, Cham (2017).  https://doi.org/10.1007/978-3-319-69453-5_29CrossRefGoogle Scholar
  27. 27.
    Patarin, J.: Hidden fields equations (HFE) and isomorphisms of polynomials (IP): two new families of asymmetric algorithms. In: Maurer, U. (ed.) EUROCRYPT 1996. LNCS, vol. 1070, pp. 33–48. Springer, Heidelberg (1996).  https://doi.org/10.1007/3-540-68339-9_4CrossRefGoogle Scholar
  28. 28.
    Patarin, J., Courtois, N., Goubin, L.: QUARTZ, 128-bit long digital signatures. In: Naccache, D. (ed.) CT-RSA 2001. LNCS, vol. 2020, pp. 282–297. Springer, Heidelberg (2001).  https://doi.org/10.1007/3-540-45353-9_21CrossRefGoogle Scholar
  29. 29.
    Porras, J., Baena, J., Ding, J.: ZHFE, a new multivariate public key encryption scheme. In: Mosca, M. (ed.) PQCrypto 2014. LNCS, vol. 8772, pp. 229–245. Springer, Cham (2014).  https://doi.org/10.1007/978-3-319-11659-4_14Google Scholar
  30. 30.
    Shmuel, F.: Remarks on the symmetric rank of symmetric tensors, January 2016. arXiv.org/pdf/1505.00860
  31. 31.
    Shmuel, F., Stawiska, M.: Best approximation on semi-algebraic sets and k-border rank approximation of symmetric tensors, November 2013. arXiv.org/pdf/1311.1561
  32. 32.
    Spaenlehauer, P.-J.: Solving multi-homogeneous and determinantal systems. Algorithms - Complexity - Applications. Ph.D. thesis, Université Paris 6 (2012)Google Scholar
  33. 33.
    Yang, B.-Y., Chen, J.-M.: Building secure tame-like multivariate public-key cryptosystems: the new TTS. In: Boyd, C., González Nieto, J.M. (eds.) ACISP 2005. LNCS, vol. 3574, pp. 518–531. Springer, Heidelberg (2005).  https://doi.org/10.1007/11506157_43CrossRefGoogle Scholar
  34. 34.
    Barrientos, I.Á., Borges-Quintana, M., Borges-Trenard, M.A., Panario, D.: Computing Gröbner bases associated with lattices. Adv. Math. Commun. 10(4), 851–860 (2016)MathSciNetCrossRefzbMATHGoogle Scholar

Copyright information

© Springer International Publishing AG, part of Springer Nature 2018

Authors and Affiliations

  • John Baena
    • 1
  • Daniel Cabarcas
    • 1
  • Daniel E. Escudero
    • 2
  • Karan Khathuria
    • 3
  • Javier Verbel
    • 1
  1. 1.Universidad Nacional de Colombia sede MedellínMedellínColombia
  2. 2.Aarhus UniversityAarhusDenmark
  3. 3.University of ZurichZurichSwitzerland

Personalised recommendations