Analysis of Multivariate Encryption Schemes: Application to Dob and $${C}^{*}$$

IF 2.3 3区计算机科学 Q2 COMPUTER SCIENCE, THEORY & METHODS

Journal of Cryptology Pub Date : 2024-04-18 DOI:10.1007/s00145-024-09501-w

Morten Øygarden, Patrick Felke, Håvard Raddum

{"title":"Analysis of Multivariate Encryption Schemes: Application to Dob and $${C}^{*}$$","authors":"Morten Øygarden, Patrick Felke, Håvard Raddum","doi":"10.1007/s00145-024-09501-w","DOIUrl":null,"url":null,"abstract":"A common strategy for constructing multivariate encryption schemes is to use a central map that is easy to invert over an extension field, along with a small number of modifications to thwart potential attacks. In this work, we study the effectiveness of these modifications, by deriving estimates for the number of degree fall polynomials. After developing the necessary tools, we focus on encryption schemes using the \$C^*\$ and Dobbertin central maps, with the internal perturbation (ip), and \$Q_+\$ modifications. For these constructions, we are able to accurately predict the number of degree fall polynomials produced in a Gröbner basis attack, up to and including degree 5 for the Dob encryption scheme and four for \$C^*\$. The predictions remain accurate even when fixing variables. Based on this new theory, we design a novel attack on Dob, which completely recovers the secret key for the parameters suggested by its designers. Due to the generality of the presented techniques, we also believe that they are of interest to the analysis of other big-field schemes.","PeriodicalId":54849,"journal":{"name":"Journal of Cryptology","volume":"51 1","pages":""},"PeriodicalIF":2.3000,"publicationDate":"2024-04-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Cryptology","FirstCategoryId":"94","ListUrlMain":"https://doi.org/10.1007/s00145-024-09501-w","RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, THEORY & METHODS","Score":null,"Total":0}

引用次数: 0

Abstract

A common strategy for constructing multivariate encryption schemes is to use a central map that is easy to invert over an extension field, along with a small number of modifications to thwart potential attacks. In this work, we study the effectiveness of these modifications, by deriving estimates for the number of degree fall polynomials. After developing the necessary tools, we focus on encryption schemes using the $C^*$ and Dobbertin central maps, with the internal perturbation (ip), and $Q_+$ modifications. For these constructions, we are able to accurately predict the number of degree fall polynomials produced in a Gröbner basis attack, up to and including degree 5 for the Dob encryption scheme and four for $C^*$. The predictions remain accurate even when fixing variables. Based on this new theory, we design a novel attack on Dob, which completely recovers the secret key for the parameters suggested by its designers. Due to the generality of the presented techniques, we also believe that they are of interest to the analysis of other big-field schemes.

Abstract Image

查看原文本刊更多论文

多元加密方案分析：对 Dob 和 $${C}^{*}$$ 的应用

构建多变量加密算法的一种常见策略是使用一个易于在扩展域上反转的中心映射，同时进行少量修改以挫败潜在的攻击。在这项工作中，我们通过推导度数下降多项式的估计值来研究这些修改的有效性。在开发了必要的工具之后，我们重点研究了使用内部扰动（ip）和（Q_+\）修改的（C^*\）和多贝廷中心图的加密方案。对于这些结构，我们能够准确地预测在格罗布纳基础攻击中产生的度数下降多项式的数量，对于多布加密方案，可以达到并包括5度，对于$C^*$，可以达到4度。即使在固定变量的情况下，预测结果依然准确。基于这一新理论，我们设计了一种针对 Dob 的新型攻击，它可以完全恢复设计者所建议的参数的秘钥。由于所提出的技术具有通用性，我们相信这些技术对分析其他大场方案也很有意义。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Journal of Cryptology 工程技术-工程：电子与电气

CiteScore

7.10

自引率

3.30%

发文量

审稿时长

18 months

期刊介绍： The Journal of Cryptology is a forum for original results in all areas of modern information security. Both cryptography and cryptanalysis are covered, including information theoretic and complexity theoretic perspectives as well as implementation, application, and standards issues. Coverage includes such topics as public key and conventional algorithms and their implementations, cryptanalytic attacks, pseudo-random sequences, computational number theory, cryptographic protocols, untraceability, privacy, authentication, key management and quantum cryptography. In addition to full-length technical, survey, and historical articles, the journal publishes short notes.