Cryptanalysis of the Tractable Rational Map Cryptosystem

9 years 11 months ago
Cryptanalysis of the Tractable Rational Map Cryptosystem
In this paper, we present the cryptanalysis of a public key scheme based on a system of multivariate polynomial equations, the ”tractable rational map” cryptosystem. We show combinatorial weaknesses of the cryptosystem, and introduce a variant of the XL resolution algorithm, the Linear Method, which is able to leverage these weaknesses to invert in short time the trapdoor one-way function defined by the cipher using only the public key, and even rebuild a private key. We also interpret the behavior of the Linear Method on random instances of the scheme, and show that various generalizations of the cipher, as well as an increase of the security parameter, cannot lead to a secure scheme. Key words: Public Key Cryptography, Polynomial Systems, Tractable Rational Map Cryptosystem, XL, Gr¨obner Bases, Isomorphism of Polynomials
Antoine Joux, Sébastien Kunz-Jacques, Fr&ea
Added 28 Jun 2010
Updated 28 Jun 2010
Type Conference
Year 2005
Where PKC
Authors Antoine Joux, Sébastien Kunz-Jacques, Frédéric Muller, Pierre-Michel Ricordel
Comments (0)