This paper presents a practical cryptanalysis of the identification scheme proposed by Patarin at Crypto 1996. This scheme relies on the hardness of the Isomorphism of Polynomials with One Secret (IP1S) problem, and enjoys shorter keys than many other schemes based on the hardness of a combinatorial problem (as opposed to a number-theoretic one). Patarin proposed concrete parameters that, so far, have not been broken faster than by exhaustive search. On the theoretical side, IP1S has been shown to be harder than Graph Isomorphism, which makes it an interesting target. We present two new deterministic algorithms for attacking the IP1S problem, and we rigorously analyze their complexity and success probability. We show that they solve a (large) constant fraction of all degree-two instances in polynomial time. We verified that our algorithms are very efficient in practice: all the degree-two parameters proposed by Patarin are now broken in a few seconds, and the degree-three parameters can be broken in less than a CPU-month. The identification scheme is thus quite badly broken.