Cryptanalysis of Rational Multivariate Public Key Cryptosystems
In 1989, Tsujii, Fujioka, and Hirayama proposed a family of multivariate public key cryptosystems, where the public key is given as a set of multivariate rational functions of degree 4. These cryptosystems are constructed via composition of two quadratic rational maps. In this paper, we present the cryptanalysis of this family of cryptosystems. The key point of our attack is to transform a problem of decomposition of two rational maps into a problem of decomposition of two polynomial maps. We develop a new improved 2R decomposition method and other new techniques, which allow us to find an equivalent decomposition of the rational maps to break the system completely. For the example suggested for practical applications, it is very fast to derive an equivalent private key, and it requires only a few seconds on a standard PC.
Keywords: Quadratic Polynomial, Core Transformation, Function Ring, Inversion Function, Quartic Polynomial