Cryptanalysis of Patarin's 2-round public key system with S boxes (2R)

Authors:
Eli Biham
Affiliations:
Computer Science Department, Technion-Israel Institute of Technology, Haifa, Israel
Venue:
EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
Year:
2000

Citing 8
Cited 9

Efficient signature schemes based on polynomial equations

Proceedings of CRYPTO 84 on Advances in cryptology
An efficient solution of the congruence x2+ky2=m (modn)

IEEE Transactions on Information Theory
Public quadratic polynomial-tuples for efficient signature-verification and message-encryption

Lecture Notes in Computer Science on Advances in Cryptology-EUROCRYPT'88
Efficient signature schemes based on birational permutations

CRYPTO '93 Proceedings of the 13th annual international cryptology conference on Advances in cryptology
Attacks on the birational permutation signature schemes

CRYPTO '93 Proceedings of the 13th annual international cryptology conference on Advances in cryptology
Asymmetric cryptography with S-Boxes

ICICS '97 Proceedings of the First International Conference on Information and Communication Security
Cryptoanalysis of the Matsumoto and Imai Public Key Scheme of Eurocrypt'88

CRYPTO '95 Proceedings of the 15th Annual International Cryptology Conference on Advances in Cryptology
Hidden fields equations (HFE) and isomorphisms of polynomials (IP): Two new families of asymmetric algorithms

EUROCRYPT'96 Proceedings of the 15th annual international conference on Theory and application of cryptographic techniques

Structural Cryptanalysis of SASAS

EUROCRYPT '01 Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques: Advances in Cryptology
Cryptanalysis of Imai and Matsumoto Scheme B Asymmetric Cryptosystem

INDOCRYPT '01 Proceedings of the Second International Conference on Cryptology in India: Progress in Cryptology
An efficient algorithm for decomposing multivariate polynomials and its applications to cryptography

Journal of Symbolic Computation
Cryptanalysis of Boolean permutation-based key escrow scheme

Computers and Electrical Engineering
Backdoor attacks on black-box ciphers exploiting low-entropy plaintexts

ACISP'03 Proceedings of the 8th Australasian conference on Information security and privacy
A cryptanalysis of the double-round quadratic cryptosystem

ICISC'07 Proceedings of the 10th international conference on Information security and cryptology
Key recovery on hidden monomial multivariate schemes

EUROCRYPT'08 Proceedings of the theory and applications of cryptographic techniques 27th annual international conference on Advances in cryptology
A subliminal channel in secret block ciphers

SAC'04 Proceedings of the 11th international conference on Selected Areas in Cryptography
Cryptanalysis of 2r− schemes

CRYPTO'06 Proceedings of the 26th annual international conference on Advances in Cryptology

Quantified Score

Hi-index	0.00

Visualization

Abstract

In a series of papers Patarin proposes new efficient public key systems. A very interesting proposal, called 2-Round Public Key System with S Boxes, or 2R, is based on the difficulty of decomposing the structure of several rounds of unknown linear transformations and S boxes. This difficulty is due to the difficulty of decomposing compositions of multivariate binary functions. In this paper we present a novel attack which breaks the 64-bit block variant with complexity about 230 steps, and the more secure 128-bit blocks variant with complexity about 260 steps. It is interesting to note that this cryptanalysis uses only the ciphertexts of selected plaintexts, and does not analyze the details of the supplied encryption code.