Results 1 - 10
of
126
A Polynomial-Time Key-Recovery Attack on MQQ Cryptosystems
"... Abstract. We investigate the security of the family of MQQ public key cryptosystems using multivari-ate quadratic quasigroups (MQQ). These cryptosystems show especially good performance properties. In particular, the MQQ-SIG signature scheme is the fastest scheme in the ECRYPT benchmarking of crypto ..."
Abstract
-
Cited by 1 (0 self)
- Add to MetaCart
of cryptographic systems (eBACS). We show that both the signature scheme MQQ-SIG and the encryption scheme MQQ-ENC, although using different types of MQQs, share a common algebraic structure that introduces a weakness in both schemes. We use this weakness to mount a successful polynomial time key-recovery attack
Key-Recovery Attacks on ASASA?
"... Abstract. The ASASA construction is a new design scheme introduced at Asiacrypt 2014 by Biryukov, Bouillaguet and Khovratovich. Its versatility was illustrated by building two public-key encryption schemes, a secret-key scheme, as well as super S-box subcomponents of a white-box scheme. However one ..."
Abstract
- Add to MetaCart
of the two public-key cryptosystems was recently broken at Crypto 2015 by Gilbert, Plût and Treger. As our main contribution, we propose a new algebraic key-recovery attack able to break at once the secret-key scheme as well as the remaining public-key scheme, in time complexity 263 and 239 respectively (the
Analysis of the MQQ Public Key Cryptosystem
"... MQQ is a multivariate cryptosystem based on multivariate quadratic quasigroups and the Dobbertin transformation [18]. The cryptosystem was broken both by Gröbner bases computation and MutantXL [27]. The complexity of Gröbner bases computation is exponential in the degree of regularity, which is the ..."
Abstract
-
Cited by 4 (3 self)
- Add to MetaCart
MQQ is a multivariate cryptosystem based on multivariate quadratic quasigroups and the Dobbertin transformation [18]. The cryptosystem was broken both by Gröbner bases computation and MutantXL [27]. The complexity of Gröbner bases computation is exponential in the degree of regularity, which
Algebraic Attack on the MQQ Public Key Cryptosystem
"... In this paper, we present an efficient attack on the multivariate Quadratic Quasigroups (MQQ) public key cryptosystem. Our cryptanalysis breaks the MQQ cryptosystem by solving a system of multivariate quadratic polynomial equations using both the MutantXL algorithm and the F4 algorithm. We present t ..."
Abstract
-
Cited by 5 (0 self)
- Add to MetaCart
In this paper, we present an efficient attack on the multivariate Quadratic Quasigroups (MQQ) public key cryptosystem. Our cryptanalysis breaks the MQQ cryptosystem by solving a system of multivariate quadratic polynomial equations using both the MutantXL algorithm and the F4 algorithm. We present
Key-Recovery Attack on the ASASA Cryptosystem With Expanding S-Boxes
"... Abstract. We present a cryptanalysis of the ASASA public key cipher introduced at Asiacrypt 2014 [3]. This scheme alternates three layers of affine transformations A with two layers of quadratic substitutions S. We show that the partial derivatives of the public key polynomials contain information a ..."
Abstract
-
Cited by 2 (0 self)
- Add to MetaCart
about the intermediate layer. This enables us to present a very simple distinguisher between an ASASA public key and random polynomials. We then expand upon the ideas of the distinguisher to achieve a full secret key recovery. This method uses only linear algebra and has a complexity dominated
A Family of Weak Keys in HFE (and the Corresponding Practical Key-Recovery)
"... The HFE (Hidden Field Equations) cryptosystem is one of the most interesting public-key multivariate scheme. It has been proposed more than 10 years ago by Patarin and seems to withstand the attacks that break many other multivariate schemes, since only subexponential ones have been proposed. The p ..."
Abstract
-
Cited by 4 (1 self)
- Add to MetaCart
of the internal polynomial are defined in the ground field. In this case, we reduce the secret key recovery problem to an instance of the Isomorphism of Polynomials (IP) problem between the equations of the public key and themselves. Even though for schemes such as SFLASH or C ∗ the hardness of key-recovery
A Family of Weak Keys in HFE (and the Corresponding Practical Key-Recovery)
"... The HFE (Hidden Field Equations) cryptosystem is one of the most interesting public-key multivariate scheme. It has been proposed more than 10 years ago by Patarin and seems to withstand the attacks that break many other multivariate schemes, since only subexponential ones have been proposed. The p ..."
Abstract
- Add to MetaCart
of the internal polynomial are defined in the ground field. In this case, we reduce the secret key recovery problem to an instance of the Isomorphism of Polynomials (IP) problem between the equations of the public key and themselves. Even though for schemes such as SFLASH or C∗ the hardness of key-recovery relies
Deterministic Polynomial Time Equivalence between Factoring and Key-Recovery Attack on
- Takagi’s RSA”, Practice and Theory in Public Key Cryptography – PKC 2007, Lecture Notes in Computer Science
"... Abstract. For RSA, May showed a deterministic polynomial time equiv-alence of computing d to factoring N( = pq). On the other hand, Takagi showed a variant of RSA such that the decryption algorithm is faster than the standard RSA, where N = prq while ed = 1 mod (p−1)(q−1). In this paper, we show tha ..."
Abstract
-
Cited by 2 (1 self)
- Add to MetaCart
Abstract. For RSA, May showed a deterministic polynomial time equiv-alence of computing d to factoring N( = pq). On the other hand, Takagi showed a variant of RSA such that the decryption algorithm is faster than the standard RSA, where N = prq while ed = 1 mod (p−1)(q−1). In this paper, we show
Algebraic Cryptanalysis of MQQ Public Key Cryptosystem
"... In this paper, we present an efficient attack to the multivariate Quadratic Quasigroups (MQQ) cryptosystem. Our cryptanalysis breaks MQQ cryptosystems by solving systems of multivariate quadratic polynomial equations using a modified version of the MutantXL algorithm. We present experimental results ..."
Abstract
-
Cited by 3 (1 self)
- Add to MetaCart
In this paper, we present an efficient attack to the multivariate Quadratic Quasigroups (MQQ) cryptosystem. Our cryptanalysis breaks MQQ cryptosystems by solving systems of multivariate quadratic polynomial equations using a modified version of the MutantXL algorithm. We present experimental
The Security of Elastic Block Ciphers Against Key-Recovery Attacks
- In Proceedings of the Information Security Conference (ISC
, 2007
"... Abstract. We analyze the security of elastic block ciphers against key-recovery attacks. An elastic version of a fixed-length block cipher is a variable-length block cipher that supports any block size in the range of one to two times the length of the original block. Our method for creating an elas ..."
Abstract
-
Cited by 5 (4 self)
- Add to MetaCart
Abstract. We analyze the security of elastic block ciphers against key-recovery attacks. An elastic version of a fixed-length block cipher is a variable-length block cipher that supports any block size in the range of one to two times the length of the original block. Our method for creating
Results 1 - 10
of
126