Predicting zero reductions in Gr\"obner basis computations

Since Buchberger's initial algorithm for computing Gr\"obner bases in 1965 many attempts have been taken to detect zero reductions in advance. Buchberger's Product and Chain criteria may be known the most, especially in the installaton of Gebauer and M\"oller. A relatively new approach are signature-based criteria which were first used in Faug\`ere's F5 algorithm in 2002. For regular input sequences these criteria are known to compute no zero reduction at all. In this paper we give a detailed discussion on zero reductions and the corresponding syzygies. We explain how the different methods to predict them compare to each other and show advantages and drawbacks in theory and practice. With this a new insight into algebraic structures underlying Gr\"obner bases and their computations might be achieved.Comment: 25 pages, 3 figure

Preimage Attacks on the Round-reduced Keccak with Cross-linear Structures

In this paper, based on the work pioneered by Aumasson and Meier, Dinur et al., and Guo et al., we construct some new delicate structures from the roundreduced versions of Keccakhash function family. The new constructed structures are called cross-linear structures, because linear polynomials appear across in different equations of these structures. And we apply cross-linear structures to do preimage attacks on some instances of the round-reduced Keccak. There are three main contributions in this paper. First, we construct a kind of cross-linear structures by setting the statuses carefully. With these cross-linear structures, guessing the value of one linear polynomial could lead to three linear equations (including the guessed one). Second, for some special cases, e.g. the 3-round Keccakchallenge instance Keccak[r=240, c=160, nr=3], a more special kind of cross-linear structures is constructed, and these structures can be used to obtain seven linear equations (including the guessed) if the values of two linear polynomials are guessed. Third, as applications of the cross-linear structures, we practically found a preimage for the 3-round KeccakChallenge instance Keccak[r=240, c=160, nr=3]. Besides, by constructing similar cross-linear structures, the complexity of the preimage attack on 3-round Keccak-256/SHA3-256/SHAKE256 can be lowered to 2150/2151/2153 operations, while the previous best known result on Keccak-256 is 2192

A survey on signature-based Gr\"obner basis computations

This paper is a survey on the area of signature-based Gr\"obner basis algorithms that was initiated by Faug\`ere's F5 algorithm in 2002. We explain the general ideas behind the usage of signatures. We show how to classify the various known variants by 3 different orderings. For this we give translations between different notations and show that besides notations many approaches are just the same. Moreover, we give a general description of how the idea of signatures is quite natural when performing the reduction process using linear algebra. This survey shall help to outline this field of active research.Comment: 53 pages, 8 figures, 11 table

A survey on signature-based algorithms for computing Gröbner basis computations

International audienceThis paper is a survey on the area of signature-based Gröbner basis algorithms that was initiated by Faugère's F5 algorithm in 2002. We explain the general ideas behind the usage of signatures. We show how to classify the various known variants by 3 different orderings. For this we give translations between different notations and show that besides notations many approaches are just the same. Moreover, we give a general description of how the idea of signatures is quite natural when performing the reduction process using linear algebra. This survey shall help to outline this field of active research