Introduction to finite fields and their applications
Introduction to finite fields and their applications
Public quadratic polynomial-tuples for efficient signature-verification and message-encryption
Lecture Notes in Computer Science on Advances in Cryptology-EUROCRYPT'88
Cryptoanalysis of the Matsumoto and Imai Public Key Scheme of Eurocrypt'88
CRYPTO '95 Proceedings of the 15th Annual International Cryptology Conference on Advances in Cryptology
C*-+ and HM: Variations Around Two Schemes of T. Matsumoto and H. Imai
ASIACRYPT '98 Proceedings of the International Conference on the Theory and Applications of Cryptology and Information Security: Advances in Cryptology
Cryptanalysis of SFLASH with Slightly Modified Parameters
EUROCRYPT '07 Proceedings of the 26th annual international conference on Advances in Cryptology
ICALP '08 Proceedings of the 35th international colloquium on Automata, Languages and Programming, Part II
Square, a New Multivariate Encryption Scheme
CT-RSA '09 Proceedings of the The Cryptographers' Track at the RSA Conference 2009 on Topics in Cryptology
EUROCRYPT'96 Proceedings of the 15th annual international conference on Theory and application of cryptographic techniques
Practical cryptanalysis of SFLASH
CRYPTO'07 Proceedings of the 27th annual international cryptology conference on Advances in cryptology
On the differential security of multivariate public key cryptosystems
PQCrypto'11 Proceedings of the 4th international conference on Post-Quantum Cryptography
Hi-index | 0.00 |
Recently, the C*− signature scheme has been completely broken by Dubois et al. [1,2]. As a consequence, the security of SFLASH and other multivariate public key systems have been impaired. The attacks presented in [1,2] rely on a symmetry of the differential of the encryption mapping. In [3], Ding et al. experimentally justify the use projection as a method of avoiding the new attack, and some theoretical backing to this method is given in [4]. In this paper, we derive some properties of the discrete differential, extend the theoretical justification for the reparation in [3], and establish the exact context in which this attack is applicable.