Chengdong Tao,Hong Xiang,Albrecht Petzoldt,Jintai Ding

DOI: https://doi.org/10.1016/j.ffa.2015.06.001

IF: 1.655

2015-01-01

Finite Fields and Their Applications

Abstract:Multivariate cryptography is one of the main candidates to guarantee the security of communication in the presence of quantum computers. While there exist a large number of secure and efficient multivariate signature schemes, the number of practical multivariate encryption schemes is somewhat limited. In this paper we present our results on creating a new multivariate encryption scheme, which is an extension of the original Simple Matrix encryption scheme of PQCrypto 2013. Our scheme allows fast en- and decryption and resists all known attacks against multivariate cryptosystems. Furthermore, we present a new idea to solve the decryption failure problem of the original Simple Matrix encryption scheme. (C) 2015 Elsevier Inc. All rights reserved.

Chengdong Tao,Adama Diene,Shaohua Tang,Jintai Ding

DOI: https://doi.org/10.1007/978-3-642-38616-9_16

2013-01-01

Abstract:There are several attempts to build asymmetric pubic key encryption schemes based on multivariate polynomials of degree two over a finite field. However, most of them are insecure. The common defect in many of them comes from the fact that certain quadratic forms associated with their central maps have low rank, which makes them vulnerable to the MinRank attack. We propose a new simple and efficient multivariate pubic key encryption scheme based on matrix multiplication, which does not have such a low rank property. The new scheme will be called Simple Matrix Scheme or ABC in short. We also propose some parameters for practical and secure implementation.

LU Gang,NIE Xu-yun,QIN Zhi-guang,HOU Chuan-yong

DOI: https://doi.org/10.3969/j.issn.1001-0548.2018.02.013

2018-01-01

Abstract:In 2014, Yuan et al. proposed a new multivariate public key cryptosystem by combining "small field-big field" and "stepwise triangular" methods. The authors claimed that their scheme can be secure against rank attack, linearization equation attack and differential attack. Through analysis, we found that there are a lot of linearization equations satisfied by this scheme. We can transform it to an equivalent square encryption scheme by linearization equation method and then recover corresponding plaintext for any given cipheretext by differential attack. As to two recommended parameters, for given public key, the complexities of recovering plaintext are 233 and 235, respectively. The results above are further confirmed by computer experiments.

Jiahui Chen,Jianting Ning,Jie Ling,Terry Shue Chien Lau,Yacheng Wang

DOI: https://doi.org/10.1016/j.tcs.2019.12.032

IF: 1.002

2020-01-01

Theoretical Computer Science

Abstract:It is regarded as a difficult task to design a secure MPKC fundamental schemes such as an encryption scheme. In this paper we introduce a new central trapdoor for multivariate quadratic (MQ) public-key cryptosystems that allows for encryption, in contrast to time-tested MQ primitives such as Unbalanced Oil and Vinegar or Rainbow which only allow for signatures. The same as UOV or Rainbow, our construction is single field scheme where the central polynomial system is chosen to have a particular structure that enables efficient inversion. After applying this transformation, the plaintext can be recovered by solving a linear system. Our new central trapdoor can use to replace the broken extension field calculation trapdoor and simple matrix encryption trapdoor, thereafter, we use the minus and plus modifiers to inoculate our scheme against known attacks. It is highlight that our encryption scheme is a good explore in the area of multivariate cryptography. Finally, a straightforward Magma implementation confirms the efficient operation of the public key algorithms.

NIE Xu-yun,LIU Bo,LU Gang,ZHONG Ting

DOI: https://doi.org/10.11959/j.issn.1000-436x.2015182

2015-01-01

Abstract:The novel extended multivariate public key cryptosystem is a new security enhancement method on multivariate public key cryptosystems,which is proposed by Qiao,et al.A nonlinear invertible transformation was used,named“tame transformation”,on the original multivariate public key cryptosystem to hide its weakness such as linearization equation.However,it is found that if there are many linearization equations satisfied by the original MPKC,there would be many quadratization equations (QE) satisfied by the improved scheme.Given a public key,after finding all QE,a valid cipheretext can be substituted into the QE to derive a set of quadratic equations on the plaintext variable.This exactly reduce the degree of the system wanted to solve.Then the corresponding plaintext can be recovered for a given valid ciphertext combining with Groebner basis method.

Jintai Ding,Bo-Yin Yang

DOI: https://doi.org/10.1007/978-3-540-88702-7_6

2009-01-01

Abstract:A multivariate public key cryptosystem (MPKCs for short) have a set of (usually) quadratic polynomials over a finite field as its public map. Its main security assumption is backed by the NP-hardness of the problem to solve nonlinear equations over a finite field. This family is considered as one of the major families of PKCs that could resist potentially even the powerful quantum computers of the future. There has been fast and intensive development in Multivariate Public Key Cryptography in the last two decades. Some constructions are not as secure as was claimed initially, but others are still viable. The paper gives an overview of multivariate public key cryptography and discusses the current status of the research in this area.

Yuan Feng,Sun Ying,Jiang Jijun,Zhao Shangwei,Xu Shengwei

DOI: https://doi.org/10.1109/cc.2014.7019846

2014-01-01

Abstract:This paper presents a multivariate public key cryptographic scheme over a finite field with odd prime characteristic. The idea of embedding and layering is manifested in its construction. The security of the scheme is analyzed in detail, and this paper indicates that the scheme can withstand the up to date differential cryptanalysis. We give heuristic arguments to show that this scheme resists all known attacks.

Bo Lv,Zhiniang Peng,Shaohua Tang

DOI: https://doi.org/10.1007/978-3-319-72359-4_9

2017-01-01

Abstract:The study of multivariate encryption algorithm is an important topic of multivariate public key cryptography research. However, quite few secure and practical multivariate encryption algorithms have been found up to now. The SRP encryption scheme is a multivariate encryption scheme that combines Square, Rainbow and the Plus method technique, which is of high efficiency and resistant to existing known attacks against multivariate schemes. In this paper, an improved SRP scheme with shorter private key and higher decryption efficiency is proposed. We introduce rotation relations into parts of the private key, which enables us to reduce the private key size by about 61%. And the decryption speed is 2.1 times faster than that of the original SRP. In terms of theory and experiment, we analyze the security of the improved SRP for several attacks against SRP. The results show that our modifications do not weaken the security of the original schemes.

Jintai Ding,Dieter Schmidt

DOI: https://doi.org/10.1007/978-1-0716-0987-3

2020-01-01

Abstract:Although RSA is a very successful public key cryptosystem, efforts are under way to find alternative systems, which are computationally more efficient, and which would remain secure even when a big enough quantum computer becomes operational. Multivariable polynomials over a finite field have been used to build new public key cryptosystems. Some of these constructions are not as secure as was claimed initially, but others are still viable. The paper gives on overview over this field and discusses the status of many systems, which have been proposed in the last 20 years.

Jintai Ding,Albrecht Petzoldt,Lih-chung Wang

DOI: https://doi.org/10.1007/978-3-319-11659-4_5

2014-01-01

Abstract:In this paper, we propose an improved version of the Simple Matrix encryption scheme of PQCrypto2013. The main goal of our construction is to build a system with even stronger security claims. By using square matrices with random quadratic polynomials, we can claim that breaking the system using algebraic attacks is at least as hard as solving a set of random quadratic equations. Furthermore, due to the use of random polynomials in the matrix A, Rank attacks against our scheme are not feasible.

Marco Calderini,Alessio Caminata,Irene Villa

2024-06-01

Abstract:Multivariate Cryptography is one of the main candidates for Post-quantum Cryptography. Multivariate schemes are usually constructed by applying two secret affine invertible transformations $\mathcal S,\mathcal T$ to a set of multivariate polynomials $\mathcal{F}$ (often quadratic). The secret polynomials $\mathcal{F}$ posses a trapdoor that allows the legitimate user to find a solution of the corresponding system, while the public polynomials $\mathcal G=\mathcal S\circ\mathcal F\circ\mathcal T$ look like random polynomials. The polynomials $\mathcal G$ and $\mathcal F$ are said to be affine equivalent. In this article, we present a more general way of constructing a multivariate scheme by considering the CCZ equivalence, which has been introduced and studied in the context of vectorial Boolean functions.

Cryptography and Security

Alan Szepieniec,Jintai Ding,Bart Preneel

DOI: https://doi.org/10.1007/978-3-319-29360-8_12

2016-01-01

Abstract:This paper introduces a new central trapdoor for multivariate quadratic (MQ) public-key cryptosystems that allows for encryption, in contrast to time-tested MQ primitives such as Unbalanced Oil and Vinegar or Hidden Field Equations which only allow for signatures. Our construction is a mixed-field scheme that exploits the commutativity of the extension field to dramatically reduce the complexity of the extension field polynomial implicitly present in the public key. However, this reduction can only be performed by the user who knows concise descriptions of two simple polynomials, which constitute the private key. After applying this transformation, the plaintext can be recovered by solving a linear system. We use the minus and projection modifiers to inoculate our scheme against known attacks. A straightforward C++ implementation confirms the efficient operation of the public key algorithms.

HaiJian Zhou,Ping Luo,DaoShun Wang,YiQi Dai

DOI: https://doi.org/10.1007/s11432-009-0159-9

2009-01-01

Science in China Series F Information Sciences

Abstract:Finding the solution to a general multivariate modular linear equation plays an important role in cryptanalysis field. Earlier results show that obtaining a relatively short solution is possible in polynomial time. However, one problem arises here that if the equation has a short solution in given bounded range, the results outputted by earlier algorithms are often not the ones we are interested in. In this paper, we present a probability method based on lattice basis reduction to solve the problem. For a general multivariate modular linear equation with short solution in the given bounded range, the new method outputs this short solution in polynomial time, with a high probability. When the number of unknowns is not too large (smaller than 68), the probability is approximating 1. Experimental results show that Knapsack systems and Lu-Lee type systems are easily broken in polynomial time with this new method.

Qiu-Ling GUO,Hong XIANG,Bin CAI,Jun SANG,Tao XIANG

DOI: https://doi.org/10.13868/j.cnki.jcr.000226

2018-01-01

Abstract:Multivariate public-key cryptosystems(MPKCs)are the main candidates of post-quantum cryptosystems. At present, most of multivariate encryption schemes have security problems, while there are many secure and efficient signature schemes. However, less researches are conducted on multivariate signature schemes such as threshold ring signature,blind signature,group signature,and so on. The ring signature scheme based on multivariate public key cryptosystems first proposed by Shangping Wang et al. in 2011 has high efficiency. Threshold ring signature scheme ensures at least t members of a group to sign a message without revealing the identity of the signers. In this study, by combining the characteristics of ring signature scheme proposed by Shangping Wang et al.,we propose a threshold ring signature scheme based on MPKCs. The scheme uses the idea of fair partition to split a ring into t disjoint sub-rings repeatedly and form an(n,t)-complete partitioning system. When signing,it needs to compute the signature of each sub-rings,then concatenate the signatures to form a ring-like mechanism. Our scheme is a threshold ring signature scheme for multivariate bipolar systems, which can resist the attacks of quantum computers. Analysis shows that,it satisfies the completeness and anonymity of threshold ring signatures. Furthermore, the new scheme is proven to achieve the unforgeability under known attacks against MPKCs.

Houzhen Wang,Huanguo Zhang,Shaohua Tang

DOI: https://doi.org/10.1049/iet-ifs.2015.0183

2015-01-01

IET Information Security

Abstract:Eight years ago, Pei et al. described a matrix public-key encryption scheme based on the matrix factorisation over a finite field. Recently, Gu and Zheng also proposed a similar scheme based on the non-abelian factorisation assumption. The security of these schemes is essentially based on a two-side matrices exponentiation (TSME) problem. In this study, the authors show that the TSME problem is susceptible to a very efficient linearisation equations attack. Regardless of the public key parameters, the authors can easily find an equivalent key only in polynomial time O(2n(5)(log n +1)) from the public key alone, and thus it is very practical and can be implemented within less than 1/20 of a second on the recommended system parameters of the schemes.

Jiahui Chen,Jie Ling,Jianting Ning,Jintai Ding

DOI: https://doi.org/10.1093/comjnl/bxz013

2019-01-01

The Computer Journal

Abstract:In this paper, we proposed an idea to construct a general multivariate public key cryptographic (MPKC) scheme based on a user's identity. In our construction, each user is distributed a unique identity by the key distribution center (KDC) and we use this key to generate user's private keys. Thereafter, we use these private keys to produce the corresponding public key. This method can make key generating process easier so that the public key will reduce from dozens of Kilobyte to several bits. We then use our general scheme to construct practical identity-based signature schemes named ID-UOV and ID-Rainbow based on two well-known and promising MPKC signature schemes, respectively. Finally, we present the security analysis and give experiments for all of our proposed schemes and the baseline schemes. Comparison shows that our schemes are both efficient and practical.

张彪,王立华

DOI: https://doi.org/10.3321/j.issn:0367-6234.2003.01.031

2003-01-01

Abstract:A matrix cover(MC) problem which can be solved rapidly is presented.Based on this foundation,a new type of public key cryptosystem is designed by using linear decomposition of this MC problem and concea- ling this MC problem by matrix cover.The obtained cryptosystem modifies the class of MC public key crypto- systems.Comparing with the previous cryptosystems,there are no exposed equations in the structure of the cryptosystem in this paper,then the decipherment method by using exposed equations in the structure of the cryptosystem is removed,the security of the cryptosystem is better than that of the previous cryptosystems.Be- sides,the obtained cryptosystem eliminates the restriction on the decomposition number of the previous crypto- systems,the quantities of public key and secret key can be reduced much by properly reducing the decomposi- tion number.

SUN Chang-yi,LI Yi-fa,SI Xue-ming

DOI: https://doi.org/10.3969/j.issn.1671-0673.2012.02.004

2012-01-01

Abstract:The post-quantum cryptography is a fascinating research challenge,and multivariate cryptography is one of the alternatives to guarantee the security of communication in the post-quantum world.The existing proxy ring signatures are based on the assumed hardness of big integer factoring problem and Discrete Logarithm problem which cannot resist quantum computer attack.So we design a new proxy ring signature scheme based on the MQ problem and IP problem of multivariate public key cryptography.It not only meets the requirements of proxy ring signature,but has benefits of quantum attack resistance,fast computing,and high efficiency.

Jintai Ding,John Wagner

DOI: https://doi.org/10.1007/978-3-540-88403-3_9

2008-01-01

Abstract:In 1989, Tsujii, Fujioka, and Hirayama proposed a family of multivariate public key cryptosystems, where the public key is given as a set of multivariate rational functions of degree 4. These cryptosystems are constructed via composition of two quadratic rational maps. In this paper, we present the cryptanalysis of this family of cryptosystems. The key point of our attack is to transform a problem of decomposition of two rational maps into a problem of decomposition of two polynomial maps. We develop a new improved 2R decomposition method and other new techniques, which allows us to find an equivalent decomposition of the rational maps to break the system completely. For the example suggested for practical applications, it is very fast to derive an equivalent private key, and it requires only a few seconds on a standard PC.

olivier billet,jintai ding

DOI: https://doi.org/10.1007/978-3-540-93806-4_15

2009-01-01

Abstract:This paper summarizes most of the main developments in the cryptanalysis of multivariate cryptosystems and discuss some problems that remain open. A strong emphasis is put on the symbolic computation tools that have been used to achieve these advances.