Public quadratic polynomial-tuples for efficient signature-verification and message-encryption
Lecture Notes in Computer Science on Advances in Cryptology-EUROCRYPT'88
Matrix multiplication via arithmetic progressions
Journal of Symbolic Computation - Special issue on computational algebraic complexity
Computing Frobenius maps and factoring polynomials
STOC '92 Proceedings of the twenty-fourth annual ACM symposium on Theory of computing
Attacks on the birational permutation signature schemes
CRYPTO '93 Proceedings of the 13th annual international cryptology conference on Advances in cryptology
Algebraic aspects of cryptography
Computers and Intractability: A Guide to the Theory of NP-Completeness
QUARTZ, 128-Bit Long Digital Signatures
CT-RSA 2001 Proceedings of the 2001 Conference on Topics in Cryptology: The Cryptographer's Track at RSA
FLASH, a Fast Multivariate Signature Algorithm
CT-RSA 2001 Proceedings of the 2001 Conference on Topics in Cryptology: The Cryptographer's Track at RSA
Cryptoanalysis of the Matsumoto and Imai Public Key Scheme of Eurocrypt'88
CRYPTO '95 Proceedings of the 15th Annual International Cryptology Conference on Advances in Cryptology
C*-+ and HM: Variations Around Two Schemes of T. Matsumoto and H. Imai
ASIACRYPT '98 Proceedings of the International Conference on the Theory and Applications of Cryptology and Information Security: Advances in Cryptology
EUROCRYPT'96 Proceedings of the 15th annual international conference on Theory and application of cryptographic techniques
A block Lanczos algorithm for finding dependencies over GF(2)
EUROCRYPT'95 Proceedings of the 14th annual international conference on Theory and application of cryptographic techniques
Efficient algorithms for solving overdefined systems of multivariate polynomial equations
EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
Efficient Zero-Knowledge Authentication Based on a Linear Algebra Problem MinRank
ASIACRYPT '01 Proceedings of the 7th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Cryptanalysis of Block Ciphers with Overdefined Systems of Equations
ASIACRYPT '02 Proceedings of the 8th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
On the Security of HFE, HFEv- and Quartz
PKC '03 Proceedings of the 6th International Workshop on Theory and Practice in Public Key Cryptography: Public Key Cryptography
Generic Attacks and the Security of Quartz
PKC '03 Proceedings of the 6th International Workshop on Theory and Practice in Public Key Cryptography: Public Key Cryptography
On the security of stepwise triangular systems
Designs, Codes and Cryptography
Solving Multiple Right Hand Sides linear equations
Designs, Codes and Cryptography
Kipnis-Shamir Attack on HFE Revisited
Information Security and Cryptology
A New Construction of Multivariate Public Key Encryption Scheme through Internally Perturbed Plus
ICCSA '08 Proceedings of the international conference on Computational Science and Its Applications, Part II
Algebraic Attack on HFE Revisited
ISC '08 Proceedings of the 11th international conference on Information Security
Remarks on the Attack of Fouque et al. against the l IC Scheme
IWSEC '08 Proceedings of the 3rd International Workshop on Security: Advances in Information and Computer Security
Practical Algebraic Attacks on the Hitag2 Stream Cipher
ISC '09 Proceedings of the 12th International Conference on Information Security
High order linearization equation (HOLE) attack on multivariate public key cryptosystems
PKC'07 Proceedings of the 10th international conference on Practice and theory in public-key cryptography
Cryptanalysis of HFE with internal perturbation
PKC'07 Proceedings of the 10th international conference on Practice and theory in public-key cryptography
Algebraic attacks on stream ciphers with linear feedback
EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
Efficient GF(pm) arithmetic architectures for cryptographic applications
CT-RSA'03 Proceedings of the 2003 RSA conference on The cryptographers' track
ICISS'07 Proceedings of the 3rd international conference on Information systems security
Algebraic cryptanalysis of the data encryption standard
Cryptography and Coding'07 Proceedings of the 11th IMA international conference on Cryptography and coding
An analysis of the RC4 family of stream ciphers against algebraic attacks
AISC '10 Proceedings of the Eighth Australasian Conference on Information Security - Volume 105
Probabilistic multivariate cryptography
VIETCRYPT'06 Proceedings of the First international conference on Cryptology in Vietnam
Algebraic attacks on clock-controlled cascade ciphers
INDOCRYPT'06 Proceedings of the 7th international conference on Cryptology in India
An efficient provable distinguisher for HFE
ICALP'06 Proceedings of the 33rd international conference on Automata, Languages and Programming - Volume Part II
Cryptanalysis of HFEv and internal perturbation of HFE
PKC'05 Proceedings of the 8th international conference on Theory and Practice in Public Key Cryptography
Rainbow, a new multivariable polynomial signature scheme
ACNS'05 Proceedings of the Third international conference on Applied Cryptography and Network Security
Efficient cryptanalysis of RSE(2)PKC and RSSE(2)PKC
SCN'04 Proceedings of the 4th international conference on Security in Communication Networks
General principles of algebraic attacks and new design criteria for cipher components
AES'04 Proceedings of the 4th international conference on Advanced Encryption Standard
The inverse s-box, non-linear polynomial relations and cryptanalysis of block ciphers
AES'04 Proceedings of the 4th international conference on Advanced Encryption Standard
Differential cryptanalysis for multivariate schemes
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
Algebraic attacks on combiners with memory and several outputs
ICISC'04 Proceedings of the 7th international conference on Information Security and Cryptology
All in the XL family: theory and practice
ICISC'04 Proceedings of the 7th international conference on Information Security and Cryptology
Inverting HFE is quasipolynomial
CRYPTO'06 Proceedings of the 26th annual international conference on Advances in Cryptology
Secure variants of the square encryption scheme
PQCrypto'10 Proceedings of the Third international conference on Post-Quantum Cryptography
Algebraic attacks on clock-controlled stream ciphers
ACISP'06 Proceedings of the 11th Australasian conference on Information Security and Privacy
On exact algebraic [non-]immunity of s-boxes based on power functions
ACISP'06 Proceedings of the 11th Australasian conference on Information Security and Privacy
ICISC'05 Proceedings of the 8th international conference on Information Security and Cryptology
On polynomial systems arising from a Weil descent
ASIACRYPT'12 Proceedings of the 18th international conference on The Theory and Application of Cryptology and Information Security
We consider the basic version of the asymmetric cryptosystem HFE from Eurocrypt 96. We propose a notion of non-trivial equations as a tentative to account for a large class of attacks on one-way functions. We found equations that give experimental evidence that basic HFE can be broken in expected polynomial time for any constant degree d. It has been independently proven by Shamir and Kipnis [Crypto'99]. We designed and implemented a series of new advanced attacks that are much more efficient than the Shamir-Kipnis attack. They are practical for HFE degree d ≤ 24 and realistic up to d = 128. The 80-bit, $500 Patarin's 1st challenge on HFE can be broken in about 2^62. Our attack is subexponential and requires n^(3/2 log d) computations. The original Shamir-Kipnis attack was in at least n^(log^2 d). We show how to improve the Shamir-Kipnis attack, by using a better method of solving the involved algebraical problem MinRank. It then becomes n^(3 log d + O(1)). All attacks fail for modified versions of HFE: HFE- (Asiacrypt'98), vHFE (Eurocrypt'99), Quartz (RSA'2000) and even for Flash (RSA'2000).