Kipnis-Shamir attack on HFE revisited

Xin Jiang*, Jintai Ding, Lei Hu

*Corresponding author for this work

Research output: Chapter in Book or Report/Conference proceedingConference Proceedingpeer-review

14 Citations (Scopus)

Abstract

In this paper, we show the claims in the original Kipnis-Shamir attack on the HFE cryptosystems and the improved attack by Courtois that the complexity of the attacks is polynomial in terms of the number of variables are invalid. We present computer experiments and a theoretical argument using basic algebraic geometry to explain why it is so. Furthermore we show that even with the help of the powerful new Gröbner basis algorithm like F 4, the Kipnis-Shamir attack still should be exponential but not polynomial. This again is supported by our theoretical argument.

Original languageEnglish
Title of host publicationInformation Security and Cryptology - Third SKLOIS Conference, Inscrypt 2007, Revised Selected Papers
Pages399-411
Number of pages13
DOIs
Publication statusPublished - 2008
Externally publishedYes
Event3rd SKLOIS Conference on Information Security and Cryptology, Inscrypt 2007 - Xining, China
Duration: 31 Aug 20075 Sept 2007

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume4990 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference3rd SKLOIS Conference on Information Security and Cryptology, Inscrypt 2007
Country/TerritoryChina
CityXining
Period31/08/075/09/07

Keywords

  • Gröbner basis
  • HFE
  • MinRank
  • Multivariate public key cryptosystem
  • Relinearization
  • XL algorithm

Fingerprint

Dive into the research topics of 'Kipnis-Shamir attack on HFE revisited'. Together they form a unique fingerprint.

Cite this