References

Public quadratic polynomial-tuples for efficient signature-verification and message-encryption. In: Advances in Cryptology - EUROCRYPT '88, Lecture Notes in Computer Science.
The MAGMA algebra system I: the user language. In: Journal of Symbolic Computation, special issue on computational algebra and number theory: proceedings of the first MAGMA conference.
The computational complexity of some problems of linear algebra. In: Journal of Computer and System Sciences.
Computers and Intractability: A Guide to the Theory of NP-Completeness (book).
Cryptanalysis of the HFE Public Key Cryptosystem by Relinearization. In: CRYPTO '99, Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology.
Cryptanalysis of the Matsumoto and Imai Public Key Scheme of Eurocrypt '88. In: CRYPTO '95, Proceedings of the 15th Annual International Cryptology Conference on Advances in Cryptology.
Efficient Zero-Knowledge Authentication Based on a Linear Algebra Problem MinRank. In: ASIACRYPT '01, Proceedings of the 7th International Conference on the Theory and Application of Cryptology and Information Security.
A new efficient algorithm for computing Gröbner bases without reduction to zero (F5). In: Proceedings of the 2002 International Symposium on Symbolic and Algebraic Computation.
Ideals, Varieties, and Algorithms: An Introduction to Computational Algebraic Geometry and Commutative Algebra, 3rd ed. (Undergraduate Texts in Mathematics).
Kipnis-Shamir Attack on HFE Revisited. In: Information Security and Cryptology.
CHES '08, Proceedings of the 10th International Workshop on Cryptographic Hardware and Embedded Systems.
CRYPTO 2008, Proceedings of the 28th Annual Conference on Cryptology: Advances in Cryptology.
Algebraic Attack on HFE Revisited. In: ISC '08, Proceedings of the 11th International Conference on Information Security.
SSE Implementation of Multivariate PKCs on Modern x86 CPUs. In: CHES '09, Proceedings of the 11th International Workshop on Cryptographic Hardware and Embedded Systems.
EUROCRYPT '96, Proceedings of the 15th Annual International Conference on Theory and Application of Cryptographic Techniques.
Computing loci of rank defects of linear matrices using Gröbner bases and applications to cryptology. In: Proceedings of the 2010 International Symposium on Symbolic and Algebraic Computation.
FGb: a library for computing Gröbner bases. In: ICMS '10, Proceedings of the Third International Congress on Mathematical Software.
Journal of Symbolic Computation.
Equivalent keys in HFE, C*, and variations. In: Mycrypt '05, Proceedings of the 1st International Conference on Progress in Cryptology in Malaysia.
Large superfluous keys in multivariate quadratic asymmetric systems. In: PKC '05, Proceedings of the 8th International Conference on Theory and Practice in Public Key Cryptography.
Inverting HFE is quasipolynomial. In: CRYPTO '06, Proceedings of the 26th Annual International Conference on Advances in Cryptology.
Inverting HFE systems is quasi-polynomial for all fields. In: CRYPTO '11, Proceedings of the 31st Annual Conference on Advances in Cryptology.
General fault attacks on multivariate public key cryptosystems. In: PQCrypto '11, Proceedings of the 4th International Conference on Post-Quantum Cryptography.
Roots of Square: cryptanalysis of double-layer Square and Square+. In: PQCrypto '11, Proceedings of the 4th International Conference on Post-Quantum Cryptography.
Public-key cryptography from new multivariate quadratic assumptions. In: PKC '12, Proceedings of the 15th International Conference on Practice and Theory in Public Key Cryptography.
MQQ-SIG: an ultra-fast and provably CMA resistant digital signature scheme. In: INTRUST '11, Proceedings of the Third International Conference on Trusted Systems.
On polynomial systems arising from a Weil descent. In: ASIACRYPT '12, Proceedings of the 18th International Conference on the Theory and Application of Cryptology and Information Security.
Abstract

We investigate the security of a generalization of HFE (multivariate and odd-characteristic variants). First, we propose an improved version of the basic Kipnis-Shamir key recovery attack against HFE. Second, we generalize the Kipnis-Shamir attack to Multi-HFE. The attack reduces to solving a MinRank problem directly on the public key, which improves on the original attack by a factor corresponding to the square of the degree of the extension field. Using recent results on MinRank, we show that our attack is polynomial in the degree of the extension field. It appears that Multi-HFE is less secure than the original HFE for equal-sized keys. Finally, adaptations of our attack overcome several variants (i.e. the minus modifier and embedding). As a proof of concept, we have practically broken, in 9 days, the most conservative parameters given by Chen, Chen, Ding, Werner and Yang for 256-bit security. All in all, our results give a more precise picture of the (in)security of several variants of HFE proposed in recent years.
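The following is an added example by this editor, not code from the paper or its authors. It builds a toy HFE key over K = GF(q^n) with q = 5 and n = 5 (K = GF(5)[x]/(x^5 - x - 1), irreducible because x^5 - x - 1 is an Artin-Schreier polynomial over GF(5)), with a central map whose quadratic part only uses monomials X^(q^i + q^j) for i, j < r = 2, and then exhibits the structure the attack in the abstract exploits: the public key, viewed as n quadratic-form matrices G_1, ..., G_n over GF(q), admits a K-linear combination sum_k u_k G_k of rank at most r, namely u_k = sum_l theta_l (T^-1)[l][k] for the basis theta of K (this relation is derived under the row-vector conventions used in the code: y = xS, then the central map, then T). The example computes u from the secret T to verify the low-rank property, and checks that the public matrices really agree with the univariate polynomial F; the attack's actual work, recovering such a u from the public key alone by solving that MinRank instance, is not implemented here. The parameters, the seed, the sample input vector and every function name are the editor's choices.

```python
import random
from functools import reduce

Q, N, R = 5, 5, 2                      # q, n and the HFE rank bound r: F uses X^(q^i+q^j), i, j < r
ZERO, ONE = (0,) * N, (1,) + (0,) * (N - 1)
THETA = [tuple(int(k == j) for k in range(N)) for j in range(N)]   # basis 1, x, ..., x^(n-1) of K

# K = GF(5^5) = GF(5)[x]/(x^5 - x - 1); elements are stored as coefficient tuples
def k_add(a, b):
    return tuple((u + v) % Q for u, v in zip(a, b))
def embed(c):                          # a GF(q) scalar as an element of K
    return (c % Q,) + (0,) * (N - 1)
def k_mul(a, b):
    prod = [0] * (2 * N - 1)
    for i, u in enumerate(a):
        for j, v in enumerate(b):
            prod[i + j] = (prod[i + j] + u * v) % Q
    for d in range(2 * N - 2, N - 1, -1):   # x^d = x^(d-5) * (x + 1)
        c, prod[d] = prod[d], 0
        prod[d - N + 1] = (prod[d - N + 1] + c) % Q
        prod[d - N] = (prod[d - N] + c) % Q
    return tuple(prod[:N])
def k_pow(a, e):
    out, base = ONE, a
    while e:
        if e & 1:
            out = k_mul(out, base)
        base, e = k_mul(base, base), e >> 1
    return out

# matrices over K are lists of rows; transpose with zip(*A)
def mat_mul(A, B):
    return [[reduce(k_add, (k_mul(a, B[k][j]) for k, a in enumerate(row)))
             for j in range(len(B[0]))] for row in A]
def eliminate(M):                      # in-place Gauss-Jordan over K; returns the rank
    rnk = 0
    for c in range(len(M[0])):
        piv = next((i for i in range(rnk, len(M)) if M[i][c] != ZERO), None)
        if piv is None:
            continue
        M[rnk], M[piv] = M[piv], M[rnk]
        inv = k_pow(M[rnk][c], Q ** N - 2)           # a^(q^n - 2) = a^-1 in K
        M[rnk] = [k_mul(inv, v) for v in M[rnk]]
        for i in range(len(M)):
            if i != rnk and M[i][c] != ZERO:
                f = k_mul(embed(Q - 1), M[i][c])     # -M[i][c]
                M[i] = [k_add(vi, k_mul(f, vr)) for vi, vr in zip(M[i], M[rnk])]
        rnk += 1
    return rnk
def rank(A):
    return eliminate([list(row) for row in A])
def inverse(A):
    M = [list(row) + [ONE if i == j else ZERO for j in range(N)] for i, row in enumerate(A)]
    assert eliminate(M) == N, "singular matrix"
    return [row[N:] for row in M]
def combine(u, mats):                  # sum_k u_k * mats_k with u_k in K
    return [[reduce(k_add, (k_mul(uk, Mk[i][j]) for uk, Mk in zip(u, mats)))
             for j in range(N)] for i in range(N)]

# Moore matrix FROB[j][i] = theta_j^(q^i): for X = sum_j x_j theta_j, (x_1..x_n) FROB = (X, X^q, ..., X^(q^(n-1)))
FROB = [[k_pow(th, Q ** i) for i in range(N)] for th in THETA]

def random_invertible(rng):
    while True:
        A = [[embed(rng.randrange(Q)) for _ in range(N)] for _ in range(N)]
        if rank(A) == N:
            return A

def keygen(seed=1):
    rng = random.Random(seed)
    A = [[ZERO] * N for _ in range(N)]  # secret F(X) = sum A[i][j] X^(q^i + q^j), top-left RxR block only
    A[0][0], A[0][1], A[1][0], A[1][1] = THETA[1], ONE, embed(3), embed(2)
    S, T = random_invertible(rng), random_invertible(rng)
    # F(X) = x (FROB A FROB^T) x^T, so coordinate k of each entry is the GF(q) matrix F_k of f_k(x) = x F_k x^T
    MAMt = mat_mul(mat_mul(FROB, A), list(zip(*FROB)))
    F = [[[embed(MAMt[i][j][k]) for j in range(N)] for i in range(N)] for k in range(N)]
    SFS = [mat_mul(mat_mul(S, Fk), list(zip(*S))) for Fk in F]
    G = [combine([T[k][l] for l in range(N)], SFS) for k in range(N)]   # public key P = T o F o S
    return {"A": A, "S": S, "T": T}, G

def minrank_witness(T):
    # u_k = sum_l theta_l (T^-1)[l][k] gives sum_k u_k G_k = (S FROB) A (S FROB)^T, of rank rank(A) <= R
    # over K.  The attack has to find such a u without T, by solving the MinRank instance.
    Tinv = inverse(T)
    return [reduce(k_add, (k_mul(THETA[l], Tinv[l][k]) for l in range(N))) for k in range(N)]

def central_eval(A, X):                # the secret univariate polynomial F(X) over K
    fr = [k_pow(X, Q ** i) for i in range(N)]
    return reduce(k_add, (k_mul(A[i][j], k_mul(fr[i], fr[j])) for i in range(N) for j in range(N)))
def public_matches_central(sk, G, x):  # sanity check: P(x) == T(F(S(x))) for x in GF(q)^n
    y = [sum(x[i] * sk["S"][i][j][0] for i in range(N)) % Q for j in range(N)]   # y = x S
    f = central_eval(sk["A"], tuple(y))          # X = sum_j y_j theta_j has coordinates y
    p = [sum(sk["T"][k][l][0] * f[l] for l in range(N)) % Q for k in range(N)]
    return p == [sum(x[i] * x[j] * Gk[i][j][0] for i in range(N) for j in range(N)) % Q for Gk in G]

def demo(seed=1):
    sk, pk = keygen(seed)
    rng = random.Random(seed + 1)
    generic = [tuple(rng.randrange(Q) for _ in range(N)) for _ in range(N)]   # a random u in K^n
    return {"rank_witness": rank(combine(minrank_witness(sk["T"]), pk)),     # == rank(A) = R
            "rank_generic": rank(combine(generic, pk)),                       # n for a random u
            "consistent": public_matches_central(sk, pk, (1, 4, 0, 2, 3))}
```

demo() returns the rank of the witness combination (2, equal to rank(A) and far below n = 5), the rank of a random combination (n except for a negligible chance of a singular draw) and the result of the consistency check. Two caveats a practitioner would want: the example hands the attacker the coefficient matrices directly, whereas a real attacker only sees polynomials and must pick a matrix for each; for odd q the symmetric choice (G_k + G_k^T)/2 is canonical and preserves the rank bound, since A + A^T has the same r x r support, while even characteristic needs a different representation that this example does not cover. And the example only verifies the target structure; the cost of the attack is in solving the MinRank instance, which is what the abstract's complexity claims are about.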