Akile The original HFE scheme [ 5 ] works on any field and its extension. In the Matsumoto-Imai scheme, a permutation over with characteristic 2 is defined such thatthen using two invertible affine transformations and to disguise the central map into a quadratic map overnamely, The basic idea of the attack is as follows. History of cryptography Cryptanalysis Outline of cryptography. So the proposed scheme reduces the public key size by bits. So given a ciphertextwe only need to solve the linearization equations to obtain the corresponding plaintext.
|Published (Last):||3 December 2010|
|PDF File Size:||15.1 Mb|
|ePub File Size:||13.70 Mb|
|Price:||Free* [*Free Regsitration Required]|
A natural generalization of this approach is to consider systems of several modular equations in several variables. The new type of attack is quite general, and in a companion paper we use it to attack other multivariate algebraic schemes, such as the Dragon encryption and signature schemes.
However, we would like to emphasize that the polynomial time complexities may be infeasibly large for some choices of the parameters, and thus some variants of these schemes may remain practically unbroken in spite of the new attack.
This process is experimental and the keywords may be updated as the learning algorithm improves. Download to read the full conference paper text References CSV Coppersmith, J. Stern and S. Google Scholar FD Fell and W. Google Scholar KS Kipnis and A. Google Scholar K Google Scholar MI Matsumoto and H.
Google Scholar OSS Ong, C. Schnorr, and A. Theory of Computation, , pp. Google Scholar P Google Scholar P96a. Google Scholar P96b. Google Scholar PS Pollard and C. Information Theory, vol. IT, no. Google Scholar Copyright information.
Cryptanalysis of the HFE Public Key Cryptosystem by Relinearization
CRYPTANALYSIS OF THE HFE PUBLIC KEY CRYPTOSYSTEM BY RELINEARIZATION PDF