Computer algebra: symbolic and algebraic computation (2nd ed.)
Computer algebra: symbolic and algebraic computation (2nd ed.)
Public quadratic polynomial-tuples for efficient signature-verification and message-encryption
Lecture Notes in Computer Science on Advances in Cryptology-EUROCRYPT'88
Efficient computation of zero-dimensional Gro¨bner bases by change of ordering
Journal of Symbolic Computation
Efficient signature schemes based on birational permutations
CRYPTO '93 Proceedings of the 13th annual international cryptology conference on Advances in cryptology
Polynomial-Time Algorithms for Prime Factorization and Discrete Logarithms on a Quantum Computer
SIAM Journal on Computing
FLASH, a Fast Multivariate Signature Algorithm
CT-RSA 2001 Proceedings of the 2001 Conference on Topics in Cryptology: The Cryptographer's Track at RSA
Cryptoanalysis of the Matsumoto and Imai Public Key Scheme of Eurocrypt'88
CRYPTO '95 Proceedings of the 15th Annual International Cryptology Conference on Advances in Cryptology
Cryptanalysis of the Oil & Vinegar Signature Scheme
CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
A new efficient algorithm for computing Gröbner bases without reduction to zero (F5)
Proceedings of the 2002 international symposium on Symbolic and algebraic computation
Ideals, Varieties, and Algorithms: An Introduction to Computational Algebraic Geometry and Commutative Algebra, 3/e (Undergraduate Texts in Mathematics)
EUROCRYPT'96 Proceedings of the 15th annual international conference on Theory and application of cryptographic techniques
Unbalanced oil and vinegar signature schemes
EUROCRYPT'99 Proceedings of the 17th international conference on Theory and application of cryptographic techniques
Efficient algorithms for solving overdefined systems of multivariate polynomial equations
EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
l-invertible cycles for multivariate quadratic (MQ) public key cryptography
PKC'07 Proceedings of the 10th international conference on Practice and theory in public-key cryptography
Practical cryptanalysis of SFLASH
CRYPTO'07 Proceedings of the 27th annual international cryptology conference on Advances in cryptology
Equivalent keys in HFE, c*, and variations
Mycrypt'05 Proceedings of the 1st international conference on Progress in Cryptology in Malaysia
Polynomial equivalence problems: algorithmic and theoretical aspects
EUROCRYPT'06 Proceedings of the 24th annual international conference on The Theory and Applications of Cryptographic Techniques
Practical-Sized Instances of Multivariate PKCs: Rainbow, TTS, and lIC-Derivatives
PQCrypto '08 Proceedings of the 2nd International Workshop on Post-Quantum Cryptography
Remarks on the Attack of Fouque et al. against the l IC Scheme
IWSEC '08 Proceedings of the 3rd International Workshop on Security: Advances in Information and Computer Security
Interactions between computer algebra (Gröbner bases) and cryptology
Proceedings of the 2009 international symposium on Symbolic and algebraic computation
SSE Implementation of Multivariate PKCs on Modern x86 CPUs
CHES '09 Proceedings of the 11th International Workshop on Cryptographic Hardware and Embedded Systems
Key recovery on hidden monomial multivariate schemes
EUROCRYPT'08 Proceedings of the theory and applications of cryptographic techniques 27th annual international conference on Advances in cryptology
General fault attacks on multivariate public key cryptosystems
PQCrypto'11 Proceedings of the 4th international conference on Post-Quantum Cryptography
Hi-index | 0.00 |
In this paper, we describe efficient forgery and full-key recovery attacks on the l-IC- signature scheme recently proposed at PKC 2007. This cryptosystem is a multivariate scheme based on a new internal quadratic primitive which avoids some drawbacks of previous multivariate schemes: the scheme is extremely fast since it requires one exponentiation in a finite field of medium size and the public key is shorter than in many multivariate signature schemes. Our attacks rely on the recent cryptanalytic tool developed by Dubois et al. against the SFLASH signature scheme. However, the final stage of the attacks requires the use of Gröbner basis techniques to conclude to actually forge a signature (resp. to recover the secret key). For the forgery attack, this is due to the fact that Patarin's attack is much more difficult to mount against l-IC. The key recovery attack is also very efficient since it is faster to recover equivalent secret keys than to forge.