In this paper we present the stream cipher QUAD and the provable security arguments supporting its conjectured strength for suitable parameter values. QUAD was first proposed at Eurocrypt 2006 by Berbain and co-workers [Berbain, C., Gilbert, H., Patarin, J., 2006b. QUAD: A practical stream cipher with provable security. In: Vaudenay, S. (Ed.), Advances in Cryptology - EUROCRYPT 2006. In: Lecture Notes in Computer Science, Springer-Verlag]. It relies on the iteration of a set of multivariate quadratic polynomials over a finite field, typically GF(2) or a small extension. We show that in the binary case, the security of the keystream generation can be related, in the concrete security model, to the conjectured intractability of the MQ problem of solving a random system of m equations in n unknowns. We show furthermore that this security reduction can be extended to incorporate the key and IV setup and provide a security argument related to the whole stream cipher. We also briefly address software and hardware performance issues and show that if one is willing to pseudo-randomly generate the sets of quadratic polynomials underlying the cipher, this leads to surprisingly inexpensive hardware implementations of QUAD.
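The construction the abstract describes, worked through as an added toy example (this is not the paper's code nor any real QUAD implementation): a public system S of kn random multivariate quadratic polynomials over GF(2) in n unknowns is iterated; at each step the first n output bits become the new internal state and the remaining (k-1)n bits are emitted as keystream. Everything below beyond that outline is an assumption of this example: the toy parameters (n = 20, k = 2, so 40 polynomials and 20 keystream bits per step), the seeded generation of the public system, the constructed key and IV bit strings, and the simplified key/IV mixing (two auxiliary n-polynomial systems selected by IV bits, followed by n blank rounds), which models but does not reproduce the paper's setup procedure. At n = 20 the underlying MQ instance is trivially solvable by exhaustive search, so the security reduction in the abstract says nothing about this toy; it only illustrates the mechanics.

```python
"""Toy QUAD-style keystream generator over GF(2) (added example, not the paper's code)."""
import random
from typing import List, Tuple

# A quadratic polynomial over GF(2) in n variables, stored as
# (pairs (i, j), i < j, whose product x_i*x_j has coefficient 1;
#  indices i whose linear term x_i has coefficient 1;
#  constant term 0/1).  Over GF(2), x_i^2 == x_i, so squares are linear terms.
Poly = Tuple[List[Tuple[int, int]], List[int], int]
Bits = List[int]


def random_quadratic_poly(n: int, rng: random.Random) -> Poly:
    """Draw each monomial coefficient uniformly from GF(2)."""
    quad = [(i, j) for i in range(n) for j in range(i + 1, n) if rng.getrandbits(1)]
    lin = [i for i in range(n) if rng.getrandbits(1)]
    return (quad, lin, rng.getrandbits(1))


def eval_poly(poly: Poly, x: Bits) -> int:
    """Evaluate one polynomial at x (list of 0/1); addition is XOR, multiplication is AND."""
    quad, lin, const = poly
    acc = const
    for i, j in quad:
        acc ^= x[i] & x[j]
    for i in lin:
        acc ^= x[i]
    return acc


def eval_system(system: List[Poly], x: Bits) -> Bits:
    return [eval_poly(p, x) for p in system]


class ToyQuad:
    """QUAD-style generator with a fixed public system S of k*n polynomials."""

    def __init__(self, n: int = 20, k: int = 2, system_seed: int = 2006) -> None:
        self.n, self.k = n, k
        rng = random.Random(system_seed)  # the polynomial systems are public, not secret
        self.S = [random_quadratic_poly(n, rng) for _ in range(k * n)]
        # Two auxiliary n-polynomial systems used only during key/IV setup
        # (simplified model of the setup; an assumption of this example).
        self.S0 = [random_quadratic_poly(n, rng) for _ in range(n)]
        self.S1 = [random_quadratic_poly(n, rng) for _ in range(n)]
        self.x: Bits = [0] * n

    def setup(self, key: Bits, iv: Bits) -> None:
        if len(key) != self.n:
            raise ValueError(f"key must be exactly {self.n} bits")
        self.x = list(key)
        for b in iv:                        # absorb the IV one bit at a time
            self.x = eval_system(self.S1 if b else self.S0, self.x)
        for _ in range(self.n):             # blank rounds: update state, emit nothing
            self.x = eval_system(self.S, self.x)[: self.n]

    def keystream(self, nbits: int) -> Bits:
        out: Bits = []
        while len(out) < nbits:
            y = eval_system(self.S, self.x)   # k*n output bits of S(x)
            self.x = y[: self.n]              # first n bits -> next state
            out.extend(y[self.n:])            # remaining (k-1)*n bits -> keystream
        return out[:nbits]


def keystream_bits(key: Bits, iv: Bits, nbits: int) -> Bits:
    g = ToyQuad()
    g.setup(key, iv)
    return g.keystream(nbits)


def xor_bytes(key: Bits, iv: Bits, data: bytes) -> bytes:
    """Stream-encrypt/decrypt: XOR each data byte with the next 8 keystream bits."""
    ks = keystream_bits(key, iv, 8 * len(data))
    out = bytearray()
    for idx, byte in enumerate(data):
        k = 0
        for bit in ks[8 * idx: 8 * idx + 8]:
            k = (k << 1) | bit
        out.append(byte ^ k)
    return bytes(out)


# Constructed sample key and IV (toy sizes: 20-bit key, 16-bit IV)
SAMPLE_KEY: Bits = [1, 0, 1, 1, 0, 0, 1, 0, 1, 1, 1, 0, 0, 1, 0, 1, 1, 0, 0, 1]
SAMPLE_IV: Bits = [0, 1, 1, 0, 1, 0, 0, 1, 1, 1, 0, 0, 1, 0, 1, 0]

if __name__ == "__main__":
    msg = b"QUAD toy"
    ct = xor_bytes(SAMPLE_KEY, SAMPLE_IV, msg)
    print(ct.hex(), xor_bytes(SAMPLE_KEY, SAMPLE_IV, ct))
```

Each call to `eval_system(self.S, x)` is one evaluation of the kn-polynomial system at the current state, which is exactly the operation whose cost dominates in software and which the abstract notes can be made cheap in hardware when the polynomials themselves are generated pseudo-randomly instead of being stored. Because the same key and IV always yield the same keystream, IV reuse under one key leaks the XOR of the two plaintexts, as with any stream cipher.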