Public quadratic polynomial-tuples for efficient signature-verification and message-encryption
Lecture Notes in Computer Science on Advances in Cryptology-EUROCRYPT'88
Finite fields
QUARTZ, 128-Bit Long Digital Signatures
CT-RSA 2001 Proceedings of the 2001 Conference on Topics in Cryptology: The Cryptographer's Track at RSA
Cryptanalysis of the HFE Public Key Cryptosystem by Relinearization
CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
Cryptoanalysis of the Matsumoto and Imai Public Key Scheme of Eurocrypt'88
CRYPTO '95 Proceedings of the 15th Annual International Cryptology Conference on Advances in Cryptology
Asymmetric Cryptography with a Hidden Monomial
CRYPTO '96 Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology
Cryptanalysis of the Oil & Vinegar Signature Scheme
CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
EUROCRYPT'96 Proceedings of the 15th annual international conference on Theory and application of cryptographic techniques
Remarks on the Attack of Fouque et al. against the l IC Scheme
IWSEC '08 Proceedings of the 3rd International Workshop on Security: Advances in Information and Computer Security
Hi-index | 0.00 |
We show how to recover the affine parts of the secret key for a certain class of HFE-Cryptosystems. Further we will show that any system with branches can be decomposed in its single branches in polynomial time on average. The attack on the affine parts generalizes the results from [1, 11] to a bigger class of systems and is achieved by a different approach. Despite the fact that systems with branches are not used anymore (see [11, 6]), our second attack is a still of interest, as it shows that branches belong to the list of algebraic properties, which cannot be hidden by composition with secret affine transformations. We derived both algorithms by considering the cryptosystem as objects from the theory of nonassociative algebras and applying classical techniques from this theory. This general framework might be a useful tool for future investigations of HFE-Cryptosystems, e.g. to detect further invariants, which are not hidden by composition with affine transformations.