Cryptanalysis of \2R" Schemes
نویسنده
چکیده
The function decomposition problem can be stated as: Given the algebraic expression of the composition of two mappings, how can we identify the two factors? This problem is believed to be in general intractable [1]. Based on this belief, J. Patarin and L. Goubin designed a new family of candidates for public key cryptography, the so called \2R schemes" [10, 11]. The public key of a \2R"-scheme is a composition of two quadratic mappings, which is given by n polynomials in n variables over a nite eld K with q elements. In this paper, we contend that a composition of two quadratic mappings can be decomposed in most cases as long as q > 4. Our method is based on heuristic arguments rather than rigorous proofs. However, through computer experiments, we have observed its e ectiveness when applied to the example scheme \D "given in [10].
منابع مشابه
Cryptanalysis of 2R- Schemes
In this paper, we study the security of 2R− schemes [17, 18], which are the “minus variant” of two-round schemes. This variant consists in removing some of the n polynomials of the public key, and permits to thwart an attack described at Crypto’99 [25] against two-round schemes. Usually, the “minus variant” leads to a real strengthening of the considered schemes. We show here that this is actua...
متن کاملAn efficient algorithm for decomposing multivariate polynomials and its applications to cryptography
In this paper, we present an efficient and general algorithm for decomposing multivariate polynomials of the same arbitrary degree. This problem, also known as the Functional Decomposition Problem (FDP) (31), is classical in computer algebra. It is the first general method addressing the decomposition of multivariate polynomials (any degree, any number of polynomials). As a byproduct, our appro...
متن کاملArtemia: a family of provably secure authenticated encryption schemes
Authenticated encryption schemes establish both privacy and authenticity. This paper specifies a family of the dedicated authenticated encryption schemes, Artemia. It is an online nonce-based authenticated encryption scheme which supports the associated data. Artemia uses the permutation based mode, JHAE, that is provably secure in the ideal permutation model. The scheme does not require the in...
متن کاملCryptanalysis of Patarin's 2-Round Public Key System with S Boxes (2R)
In a series of papers Patarin proposes new efficient public key systems. A very interesting proposal, called 2-Round Public Key System with S Boxes, or 2R, is based on the difficulty of decomposing the structure of several rounds of unknown linear transformations and S boxes. This difficulty is due to the difficulty of decomposing compositions of multivariate binary functions. In this paper we ...
متن کاملAn efficient secure channel coding scheme based on polar codes
In this paper, we propose a new framework for joint encryption encoding scheme based on polar codes, namely efficient and secure joint secret key encryption channel coding scheme. The issue of using new coding structure, i.e. polar codes in Rao-Nam (RN) like schemes is addressed. Cryptanalysis methods show that the proposed scheme has an acceptable level of security with a relatively smaller ke...
متن کامل