[Resource Topic] 2004/237: Efficient Cryptanalysis of RSE(2)PKC and RSSE(2)PKC

Welcome to the resource topic for 2004/237

Efficient Cryptanalysis of RSE(2)PKC and RSSE(2)PKC

Authors: Christopher Wolf, An Braeken, Bart Preneel


In this paper, we study the new class step-wise Triangular Schemes (STS) of public key cryptosystems (PKC) based on multivariate quadratic polynomials. In these schemes, we have m the number of equations, n the number of variables, L the number of steps/layers, r the number of equations/variables per step, and q
the size of the underlying field. We present two attacks on the STS class by exploiting the chain of the kernels of the private key polynomials. The first attack is an inversion attack which computes the message/signature for given ciphertext/message in O(mn^3Lq^r + n^2Lrq^r), the second is a structural attack which recovers an equivalent version of the secret key in O(mn^3Lq^r + mn^4) operations.
Since the legitimate user has workload q^r for decrypting/computing a signature, the attacks presented in this paper are very efficient. As an application, we show that two special instances of STS, namely RSE(2)PKC and RSSE(2)PKC, recently proposed by Kasahara and Sakai, are insecure.

ePrint: https://eprint.iacr.org/2004/237

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics .