The MAGMA algebra system I: the user language
Journal of Symbolic Computation - Special issue on computational algebra and number theory: proceedings of the first MAGMA conference
FLASH, a Fast Multivariate Signature Algorithm
CT-RSA 2001 Proceedings of the 2001 Conference on Topics in Cryptology: The Cryptographer's Track at RSA
Cryptoanalysis of Two Sparse Polynomial Based Public Key Cryptosystems
PKC '01 Proceedings of the 4th International Workshop on Practice and Theory in Public Key Cryptography: Public Key Cryptography
Remarks on the Attack of Fouque et al. against the l IC Scheme
IWSEC '08 Proceedings of the 3rd International Workshop on Security: Advances in Information and Computer Security
Cryptanalysis of the Square Cryptosystems
ASIACRYPT '09 Proceedings of the 15th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
PKC'11 Proceedings of the 14th international conference on Practice and theory in public key cryptography conference on Public key cryptography
Equivalent keys in HFE, c*, and variations
Mycrypt'05 Proceedings of the 1st international conference on Progress in Cryptology in Malaysia
Tractable rational map signature
PKC'05 Proceedings of the 8th international conference on Theory and Practice in Public Key Cryptography
Large superfluous keys in multivariate quadratic asymmetric systems
PKC'05 Proceedings of the 8th international conference on Theory and Practice in Public Key Cryptography
Polynomial equivalence problems: algorithmic and theoretical aspects
EUROCRYPT'06 Proceedings of the 24th annual international conference on The Theory and Applications of Cryptographic Techniques
Complexity estimates for the F4 attack on the perturbed Matsumoto-Imai cryptosystem
IMA'05 Proceedings of the 10th international conference on Cryptography and Coding
Implementing minimized multivariate PKC on low-resource embedded systems
SPC'06 Proceedings of the Third international conference on Security in Pervasive Computing
| Hi-index | 0.00 |
The signature scheme SFLASH has been accepted as candidate in the NESSIE (New European Scheme for Signatures, Integrity, and Encryption) project. We show that recovering the two secret affine mappings F237 → F237 in SFLASH can easily be reduced to the task of revealing two linear mappings F237 → F237. In particular, the 74 bits representing these affine parts do by no means contribute a factor of 274 to the effort required for mounting an attack against the system. This raises some doubts about the design of this NESSIE candidate.