Cryptanalysis of the tractable rational map cryptosystem

Authors:
Antoine Joux;Sébastien Kunz-Jacques;Frédéric Muller;Pierre-Michel Ricordel
Affiliations:
SPOTI;DCSSI Crypto Lab 51, Boulevard de La Tour-Maubourg, Paris 07 SP, France;DCSSI Crypto Lab 51, Boulevard de La Tour-Maubourg, Paris 07 SP, France;DCSSI Crypto Lab 51, Boulevard de La Tour-Maubourg, Paris 07 SP, France
Venue:
PKC'05 Proceedings of the 8th international conference on Theory and Practice in Public Key Cryptography
Year:
2005

Citing 8
Cited 8

Public quadratic polynomial-tuples for efficient signature-verification and message-encryption

Lecture Notes in Computer Science on Advances in Cryptology-EUROCRYPT'88
FLASH, a Fast Multivariate Signature Algorithm

CT-RSA 2001 Proceedings of the 2001 Conference on Topics in Cryptology: The Cryptographer's Track at RSA
Gröbner-Bases, Gaussian elimination and resolution of systems of algebraic equations

EUROCAL '83 Proceedings of the European Computer Algebra Conference on Computer Algebra
Cryptanalysis of the HFE Public Key Cryptosystem by Relinearization

CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
Cryptoanalysis of the Matsumoto and Imai Public Key Scheme of Eurocrypt'88

CRYPTO '95 Proceedings of the 15th Annual International Cryptology Conference on Advances in Cryptology
A new efficient algorithm for computing Gröbner bases without reduction to zero (F5)

Proceedings of the 2002 international symposium on Symbolic and algebraic computation
Hidden fields equations (HFE) and isomorphisms of polynomials (IP): Two new families of asymmetric algorithms

EUROCRYPT'96 Proceedings of the 15th annual international conference on Theory and application of cryptographic techniques
Efficient algorithms for solving overdefined systems of multivariate polynomial equations

EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques

Exploring confusion in product ciphers through regression analysis

Information Sciences: an International Journal
Cryptanalysis of the TRMC-4 Public Key Cryptosystem

ACNS '07 Proceedings of the 5th international conference on Applied Cryptography and Network Security
A New Construction of Multivariate Public Key Encryption Scheme through Internally Perturbed Plus

ICCSA '08 Proceedings of the international conference on Computational Science and Its Applications, Part II
Cryptanalysis of the TRMS signature scheme of PKC'05

AFRICACRYPT'08 Proceedings of the Cryptology in Africa 1st international conference on Progress in cryptology
Building secure tame-like multivariate public-key cryptosystems: the new TTS

ACISP'05 Proceedings of the 10th Australasian conference on Information Security and Privacy
A "medium-field" multivariate public-key encryption scheme

CT-RSA'06 Proceedings of the 2006 The Cryptographers' Track at the RSA conference on Topics in Cryptology
Implementing minimized multivariate PKC on low-resource embedded systems

SPC'06 Proceedings of the Third international conference on Security in Pervasive Computing
Multivariate public key cryptosystems from diophantine equations

Designs, Codes and Cryptography

Quantified Score

Hi-index	0.00

Visualization

Abstract

In this paper, we present the cryptanalysis of a public key scheme based on a system of multivariate polynomial equations, the “tractable rational map” cryptosystem. We show combinatorial weaknesses of the cryptosystem, and introduce a variant of the XL resolution algorithm, the Linear Method, which is able to leverage these weaknesses to invert in short time the trapdoor one-way function defined by the cipher using only the public key, and even rebuild a private key. We also interpret the behavior of the Linear Method on random instances of the scheme, and show that various generalizations of the cipher, as well as an increase of the security parameter, cannot lead to a secure scheme.