Polly Cracker, Revisited, Revisited
نویسنده
چکیده
In this paper, we consider the Polly Cracker with Noise (PCN) cryptosystem by Albrecht, Farshim, Faugère, and Perret (Asiacrypt 2011), which is a public-key cryptosystem based on the hardness of computing Gröbner bases for noisy random systems of multivariate equations. We examine four settings, covering all possible parameter ranges of PCN with zero-degree noise. In the first setting, the PCN cryptosystem is known to be equivalent to Regev’s LWE-based scheme. In the second, it is known to be at most as secure as Regev’s scheme. We show that for one other settings it is equivalent to a variants of Regev’s with less efficiency and in the last setting it is completely insecure and we give an efficient key-recovery attack. Unrelated to the attack, we also fix some flaws in the security proofs of PCN. keywords: Polly Cracker with Noise, Learning with Errors, Gröbner bases, Cryptanalysis
منابع مشابه
Polly Cracker, Revisited
In this work, we initiate the formal treatment of cryptographic constructions (“Polly Cracker”) based on the hardness of computing remainders modulo an ideal. We start by formalising and studying the relation between the ideal remainder problem and the problem of computing a Gröbner basis. We show both positive and negative results. On the negative side, we define a symmetric Polly Cracker encr...
متن کاملPrivate Key Extension of Polly Cracker Cryptosystems
In 1993 Koblitz and Fellows proposed a public key cryptosystem, Polly Cracker, based on the problem of solving multivariate systems of polynomial equations, which was soon generalized to a Gröbner basis formulation. Since then a handful of improvements of this construction has been proposed. In this paper it is suggested that security, and possibly e ciency, of any Polly Cracker-type cryptosyst...
متن کاملNoncommutative Polly Cracker-type cryptosystems and chosen-ciphertext security
In this paper we consider chosen-ciphertext attacks against noncommutative Polly Cracker-type cryptosystems. We present several versions of these attacks, as well as techniques to counter them. First we introduce a chosen-ciphertext attack, which assumes a very simple private key. We then present generalizations of this attack which are valid in more general situations, and propose a simple but...
متن کاملCountering chosen-ciphertext attacks against noncommutative polly cracker-type cryptosystems
In [2], Stanislav Bulygin presents a chosen-ciphertext attack against certain instances of noncommutative polly cracker-type cryptosystems which were proposed in [7] and [9]. In this article, we present generalized versions of this attack, which can be used against virtually all polly cracker-type cryptosystems. We then present a simple but effective techique to counter these attacks. We also p...
متن کاملPractical Fully Homomorphic Encryption for Integers over Polynomial Quotient Rings
In this article we describe a simplified version of Polly Cracker-style fully homomorphic encryption scheme. The main feature of our scheme is an ability to define a strict upper bound of ciphertext size when performing calculations on it for both addition and multiplication. Combined with homomorphic properties of Polly Cracker it’s able to reach high calculation performance without degrading ...
متن کامل