Paper Info
Title
Cryptanalysis of multivariate and odd-characteristic HFE variants
Abstract
We investigate the security of a generalization of HFE (multivariate and odd-characteristic variants). First, we propose an improved version of the basic Kipnis-Shamir key recovery attack against HFE. Second, we generalize the Kipnis-Shamir attack to Multi-HFE. The attack reduces to solve a MinRank problem directly on the public key. This leads to an improvement of a factor corresponding to the square of the degree of the extension field. We used recent results on MinRank to show that our attack is polynomial in the degree of the extension field. It appears that multi-HFE is less secure than original HFE for equal-sized keys. Finally, adaptations of our attack overcome several variants (i.e. minus modifier and embedding). As a proof of concept, we have practically broken the most conservative parameters given by Chen, Chen, Ding, Werner and Yang in 9 days for 256 bits security. All in all, our results give a more precise picture on the (in)security of several variants of HFE proposed these last years.
Year
DOI
Venue
2011
10.1007/978-3-642-19379-8_27
Public Key Cryptography
Keywords
Field
DocType
basic kipnis-shamir key recovery,equal-sized key,original hfe,bits security,extension field,odd-characteristic hfe variant,public key,improved version,minrank problem,kipnis-shamir attack,conservative parameter,hidden field equations,proof of concept
Discrete mathematics,Embedding,Chen,Polynomial,Computer science,Multivariate statistics,Hidden Field Equations,Cryptanalysis,Theoretical computer science,Public-key cryptography,Key-recovery attack
Conference
Volume
ISSN
Citations 
6571
0302-9743
13
PageRank 
References 
Authors
0.67
24
3
Name
Order
Citations
PageRank
Luk Bettale11117.18
Jean-Charles Faugère2103774.00
Ludovic Perret354639.06