Sciweavers

EUROCRYPT
2008
Springer

Key Recovery on Hidden Monomial Multivariate Schemes

13 years 5 months ago
Key Recovery on Hidden Monomial Multivariate Schemes
Abstract. The problem we study in this paper is the key recovery problem on the C schemes and generalizations where the quadratic monomial of C (the product of two linear monomials) is replaced by a product of three or more linear monomials. This problem has been further generalized to any multivariate polynomial hidden by two invertible linear maps and named the Isomorphism of Polynomials (IP) problem by Patarin et al. Some cryptosystems have been built on this appearing hard problem such as a traitor tracing scheme proposed by Billet and Gilbert. Here we show that if the hidden multivariate monomial is a quadratic monomial, as in SFLASH, or a cubic (or higher) monomial as in the traitor tracing scheme, then it is possible to recover an equivalent secret key in polynomial time O(nd ) where n is the number of variables and d is the degree of the public polynomials.
Pierre-Alain Fouque, Gilles Macario-Rat, Jacques S
Added 19 Oct 2010
Updated 19 Oct 2010
Type Conference
Year 2008
Where EUROCRYPT
Authors Pierre-Alain Fouque, Gilles Macario-Rat, Jacques Stern
Comments (0)