Cryptanalysis of Imai and Matsumoto Scheme B Asymmetric Cryptosystem
نویسندگان
چکیده
Imai and Matsumoto introduced alternative algebraic methods for constructing public key cryptosystems. An obvious advantage of theses public key cryptosystems is that the private side computations can be made very efficient with a simple hardware. Almost all of these proposals and variants of them were broken. However, scheme “B” in [3] is still unbroken. In this paper we show some statistical weaknesses of this scheme. In particular, we show that trying to minimize the size of the public key facilitates a cryptanalytic attack that enables the cryptanalyst to decrypt, with high probability of success, a given ciphertext by performing a very limited number of encryption operations using the public encryption function.
منابع مشابه
Differential Cryptanalysis for Multivariate Schemes
In this paper we propose a novel cryptanalytic method against multivariate schemes, which adapts differential cryptanalysis to this setting. In multivariate quadratic systems, the differential of the public key is a linear map and has invariants such as the dimension of the kernel. Using linear algebra, the study of this invariant can be used to gain information on the secret key. We successful...
متن کاملCryptanalysis of Novel Extended Multivariate Public Key Cryptosystem with Invertible Cycle
In 2016, Qiao et al. proposed a novel extended multivariate public key cryptosystem (EMC) to enhance the security of multivariate public key cryptosystem. They applied it on Matsumoto-Imai (MI) encryption scheme and claimed that the enhanced MI scheme can be secure against Linearization Equation (LE) attack. Through analysis, we found that the enhanced MI scheme satisfied Quadratization Equatio...
متن کاملFast Cryptanalysis of the Matsumoto-Imai Public Key Scheme
The Matsumoto-Imai public key scheme was developed to provide very fast signatures. It is based on substitution polynomials over GF( 2 ). This paper shows in two ways that the Matsumoto-Imai public key scheme is very easy to break. In the faster of the two attacks the time to cryptanalyze the scheme is about proportional to the binary length of the public key. This shows that Matsumoto and Imai...
متن کاملConstruction of Extended Multivariate Public Key Cryptosystems
Based on the ideas: “invertible cycle”, “tame transformation” and “special oil and vinegar”, three different nonlinear invertible transformations were constructed separately. Then making use of the idea of the extended multivariate public key cryptosystem, and combining the nonlinear invertible transformations above with Matsumoto-Imai (MI) scheme, three methods of designing extended multivaria...
متن کاملInoculating Multivariate Schemes Against Differential Attacks
We demonstrate how to prevent differential attacks on multivariate public key cryptosystems using the Plus (+) method of external perturbation. In particular, we prescribe adding as few as 10 Plus polynomials to the Perturbed Matsumoto-Imai (PMI) cryptosystem when g = 1 and r = 6, where θ is the Matsumoto-Imai exponent, n is the message length, g = gcd (θ, n), and r is the internal perturbation...
متن کامل