2,022 research outputs found
Multivariate public key cryptography with polynomial composition
This paper presents a new public key cryptography scheme using multivariate polynomials over a finite field. Each multivariate polynomial from the public key is obtained by secretly and repeatedly composing affine transformations with series of quadratic polynomials (in a single variable). The main drawback of this scheme is the length of the public key
Polynomial-Time Algorithms for Quadratic Isomorphism of Polynomials: The Regular Case
Let and be
two sets of nonlinear polynomials over
( being a field). We consider the computational problem of finding
-- if any -- an invertible transformation on the variables mapping
to . The corresponding equivalence problem is known as {\tt
Isomorphism of Polynomials with one Secret} ({\tt IP1S}) and is a fundamental
problem in multivariate cryptography. The main result is a randomized
polynomial-time algorithm for solving {\tt IP1S} for quadratic instances, a
particular case of importance in cryptography and somewhat justifying {\it a
posteriori} the fact that {\it Graph Isomorphism} reduces to only cubic
instances of {\tt IP1S} (Agrawal and Saxena). To this end, we show that {\tt
IP1S} for quadratic polynomials can be reduced to a variant of the classical
module isomorphism problem in representation theory, which involves to test the
orthogonal simultaneous conjugacy of symmetric matrices. We show that we can
essentially {\it linearize} the problem by reducing quadratic-{\tt IP1S} to
test the orthogonal simultaneous similarity of symmetric matrices; this latter
problem was shown by Chistov, Ivanyos and Karpinski to be equivalent to finding
an invertible matrix in the linear space of matrices over and to compute the square root in a matrix
algebra. While computing square roots of matrices can be done efficiently using
numerical methods, it seems difficult to control the bit complexity of such
methods. However, we present exact and polynomial-time algorithms for computing
the square root in for various fields (including
finite fields). We then consider \\#{\tt IP1S}, the counting version of {\tt
IP1S} for quadratic instances. In particular, we provide a (complete)
characterization of the automorphism group of homogeneous quadratic
polynomials. Finally, we also consider the more general {\it Isomorphism of
Polynomials} ({\tt IP}) problem where we allow an invertible linear
transformation on the variables \emph{and} on the set of polynomials. A
randomized polynomial-time algorithm for solving {\tt IP} when
is presented. From an algorithmic point
of view, the problem boils down to factoring the determinant of a linear matrix
(\emph{i.e.}\ a matrix whose components are linear polynomials). This extends
to {\tt IP} a result of Kayal obtained for {\tt PolyProj}.Comment: Published in Journal of Complexity, Elsevier, 2015, pp.3
Hidden Irreducible Polynomials : A cryptosystem based on Multivariate Public Key Cryptography
Asymmetric schemes are moving towards a new series of cryptosystems based on known open problems that until the day guarantee security from the point that are not solvable under determined properties. In this paper you can read a novel research done mostly on the field of Multivariate Public Key Cryptography that focus the interest on sharing a pre-master key between Alice and Bob using quadratic multivariate polynomials as the public key. What does this scheme somehow special is that it uses a private construction involving polynomial factorization that allows Alice to recover the secret sent by Bob
A Variant of the XL Algorithm Using the Arithmetic over Polynomial Matrices (Computer Algebra : Foundations and Applications)
The title of this paper has been changed from the title of talk “Polynomial XL: A Variant of the XL Algorithm Using Macaulay Matrices over Polynomial Rings” at “Computer Algebra -Foundations and Applications”.Solving a system of multivariate polynomials is a classical but very important problem in many areas of mathematics and its applications, and in particular quadratic systems over finite fields play a major role in the multivariate public key cryptography. The XL algorithm is known to be one of the main approaches for solving a multivariate system, as well as Groebner basis approaches, and so far many variants of XL have been proposed. In this talk, we present a new variant of XL, which we name “Polynomial XL”, by using Macaulay matrices over polynomial rings
On Functional Decomposition of Multivariate Polynomials with Differentiation and Homogenization
In this paper, we give a theoretical analysis for the algorithms to compute
functional decomposition for multivariate polynomials based on differentiation
and homogenization which are proposed by Ye, Dai, Lam (1999) and Faugere,
Perret (2006, 2008, 2009). We show that a degree proper functional
decomposition for a set of randomly decomposable quartic homogenous polynomials
can be computed using the algorithm with high probability. This solves a
conjecture proposed by Ye, Dai, and Lam (1999). We also propose a conjecture
such that the decomposition for a set of polynomials can be computed from that
of its homogenization with high probability. Finally, we prove that the right
decomposition factors for a set of polynomials can be computed from its right
decomposition factor space. Combining these results together, we prove that the
algorithm can compute a degree proper decomposition for a set of randomly
decomposable quartic polynomials with probability one when the base field is of
characteristic zero, and with probability close to one when the base field is a
finite field with sufficiently large number under the assumption that the
conjeture is correct
Solving multivariate polynomial systems and an invariant from commutative algebra
The complexity of computing the solutions of a system of multivariate
polynomial equations by means of Gr\"obner bases computations is upper bounded
by a function of the solving degree. In this paper, we discuss how to
rigorously estimate the solving degree of a system, focusing on systems arising
within public-key cryptography. In particular, we show that it is upper bounded
by, and often equal to, the Castelnuovo Mumford regularity of the ideal
generated by the homogenization of the equations of the system, or by the
equations themselves in case they are homogeneous. We discuss the underlying
commutative algebra and clarify under which assumptions the commonly used
results hold. In particular, we discuss the assumption of being in generic
coordinates (often required for bounds obtained following this type of
approach) and prove that systems that contain the field equations or their fake
Weil descent are in generic coordinates. We also compare the notion of solving
degree with that of degree of regularity, which is commonly used in the
literature. We complement the paper with some examples of bounds obtained
following the strategy that we describe
Ring Learning With Errors: A crossroads between postquantum cryptography, machine learning and number theory
The present survey reports on the state of the art of the different
cryptographic functionalities built upon the ring learning with errors problem
and its interplay with several classical problems in algebraic number theory.
The survey is based to a certain extent on an invited course given by the
author at the Basque Center for Applied Mathematics in September 2018.Comment: arXiv admin note: text overlap with arXiv:1508.01375 by other
authors/ comment of the author: quotation has been added to Theorem 5.
Fast Quantum Algorithm for Solving Multivariate Quadratic Equations
In August 2015 the cryptographic world was shaken by a sudden and surprising
announcement by the US National Security Agency NSA concerning plans to
transition to post-quantum algorithms. Since this announcement post-quantum
cryptography has become a topic of primary interest for several standardization
bodies. The transition from the currently deployed public-key algorithms to
post-quantum algorithms has been found to be challenging in many aspects. In
particular the problem of evaluating the quantum-bit security of such
post-quantum cryptosystems remains vastly open. Of course this question is of
primarily concern in the process of standardizing the post-quantum
cryptosystems. In this paper we consider the quantum security of the problem of
solving a system of {\it Boolean multivariate quadratic equations in
variables} (\MQb); a central problem in post-quantum cryptography. When ,
under a natural algebraic assumption, we present a Las-Vegas quantum algorithm
solving \MQb{} that requires the evaluation of, on average,
quantum gates. To our knowledge this is the fastest algorithm for solving
\MQb{}
- …