The complexity of MinRank
In this note, we leverage some of our results from arXiv:1706.06319 to
produce a concise and rigorous proof for the complexity of the generalized
MinRank Problem in the under-defined and well-defined case. Our main theorem
recovers and extends previous results by Faugère, Safey El Din, Spaenlehauer
(arXiv:1112.4411).
Comment: Corrected a typo in the formula of the main theore
Cryptography from tensor problems
We describe a new proposal for a trap-door one-way function. The new proposal belongs to the "multivariate quadratic" family but the trap-door is different from existing methods, and is simpler
Group theory in cryptography
This paper is a guide for the pure mathematician who would like to know more
about cryptography based on group theory. The paper gives a brief overview of
the subject, and provides pointers to good textbooks, key research papers and
recent survey papers in the area.
Comment: 25 pages. References updated, and a few extra references added. Minor
typographical changes. To appear in Proceedings of Groups St Andrews 2009 in
Bath, U
On the Complexity of Solving Quadratic Boolean Systems
A fundamental problem in computer science is to find all the common zeroes of
quadratic polynomials in unknowns over . The
cryptanalysis of several modern ciphers reduces to this problem. Up to now, the
best complexity bound was reached by an exhaustive search in
operations. We give an algorithm that reduces the problem to a combination of
exhaustive search and sparse linear algebra. This algorithm has several
variants depending on the method used for the linear algebra step. Under
precise algebraic assumptions on the input system, we show that the
deterministic variant of our algorithm has complexity bounded by
when , while a probabilistic variant of the Las Vegas type
has expected complexity . Experiments on random systems show
that the algebraic assumptions are satisfied with probability very close to 1.
We also give a rough estimate for the actual threshold between our method and
exhaustive search, which is as low as 200, and thus very relevant for
cryptographic applications.
Comment: 25 page
Efficient Decomposition of Dense Matrices over GF(2)
In this work we describe an efficient implementation of a hierarchy of
algorithms for the decomposition of dense matrices over the field with two
elements (GF(2)). Matrix decomposition is an essential building block for
solving dense systems of linear and non-linear equations and thus much research
has been devoted to improve the asymptotic complexity of such algorithms. In
this work we discuss an implementation of both well-known and improved
algorithms in the M4RI library. The focus of our discussion is on a new variant
of the M4RI algorithm, denoted MMPF in this work, which allows for
considerable performance gains in practice when compared to the previously
fastest implementation. We provide performance figures on x86_64 CPUs to
demonstrate the viability of our approach.
Cryptanalysis of the multivariate encryption scheme EFLASH
Post-Quantum Cryptography studies cryptographic algorithms that quantum computers cannot break. Recent advances in quantum computing have made this kind of cryptography necessary, and research in the field has surged over the last years as a result. One of the main families of post-quantum cryptographic schemes is based on finding solutions of a polynomial system over finite fields. This family, known as multivariate cryptography, includes both public key encryption and signature schemes.
The majority of the research contribution of this thesis is devoted to understanding the security of multivariate cryptography. We mainly focus on big field schemes, i.e., constructions that utilize the structure of a large extension field. One essential contribution is an increased understanding of how Gröbner basis algorithms can exploit this structure. The increased knowledge furthermore allows us to design new attacks in this setting. In particular, the methods are applied to two encryption schemes suggested in the literature: EFLASH and Dob. We show that the recommended parameters for these schemes will not achieve the proposed 80-bit security. Moreover, it seems unlikely that there can be secure and efficient variants based on these ideas. Another contribution is the study of the effectiveness and limitations of a recently proposed rank attack. Finally, we analyze some of the algebraic properties of MiMC, a block cipher designed to minimize its multiplicative complexity.
Doktorgradsavhandlin
- …