Abstract
In [1] Matsumoto and Imai have developed a new public key scheme for enciphering or signing. (This scheme is completely different and should not be mistaken with another scheme of Matsumoto and Imai developed in 1983 and broken at Eurocrypt’84).
No attacks have been published as yet for this scheme. However we will see in this paper that for almost all the keys almost each cleartext can be found from his ciphertext after only about m 2 n 4 log n computations where m is the degree of the field K chosen, and where mn is the number of bits of the text.
Moreover for absolutely all the keys that give a practical size for the messages it will be possible to find almost all the cleartexts from the corresponding ciphertexts after a feasible computation.
So the algorithm of [1] is insecure.
Chapter PDF
Similar content being viewed by others
References
T. Matsumoto and H. Imai, Public Quadratic Polynomial-tuples for efficient signature-verification and message-encryption, EUROCRYP’88, Springer-Verlag 1988, pp. 419–453.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 1995 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Patarin, J. (1995). Cryptanalysis of the Matsumoto and Imai Public Key Scheme of Eurocrypt’88. In: Coppersmith, D. (eds) Advances in Cryptology — CRYPT0’ 95. CRYPTO 1995. Lecture Notes in Computer Science, vol 963. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-44750-4_20
Download citation
DOI: https://doi.org/10.1007/3-540-44750-4_20
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-60221-7
Online ISBN: 978-3-540-44750-4
eBook Packages: Springer Book Archive