On Asymptotic Security Estimates in XL and Gröbner Bases-Related Algebraic Cryptanalysis
Authors
Abstract
“Algebraic Cryptanalysis” against a cryptosystem often comprises finding enough relations that are generally or probabilistically valid, then solving the resultant system. The security of many schemes (most important being AES) thus depends on the difficulty of solving multivariate polynomial equations. Generically, this is NP-hard. The related methods of XL (eXtended Linearization), Gröbner Bases, and their variants (of which a large number has been proposed) form a unified approach to solving equations and thus affect our assessment and understanding of many cryptosystems. Building on prior theory, we analyze these XL variants and derive asymptotic formulas giving better security estimates under XL-related algebraic attacks; through this examination we have hopefully improved our understanding of such variants. In particular, guessing a portion of variables is a good idea for both XL and Gröbner Bases methods.
Similar resources
All in the XL Family: Theory and Practice
The XL (eXtended Linearization) equation-solving algorithm belongs to the same extended family as the advanced Gröbner Bases methods F4/F5. XL and its relatives may be used as direct attacks against multivariate Public-Key Cryptosystems and as final stages for many “algebraic cryptanalysis” used today. We analyze the applicability and performance of XL and its relatives, particularly for generi...
TECHNISCHE UNIVERSITEIT EINDHOVEN Department of Mathematics and Computing Science MASTER’S
Recently, a special kind of cryptanalysis coined as the algebraic attack has gained a lot of attention. In this thesis, we clarify this attack and discuss the threat to common ciphers. Among the known attacks, one can roughly distinguish between two classes. The first consists of structural attacks that focus on specific properties of a certain cipher. The second includes inversion attacks, whi...
Algebraic Attacks Galore!
Received: May 15, 2009 This is the first in a two-part survey of current techniques in algebraic cryptanalysis. After introducing the basic setup of algebraic attacks and discussing several attack scenarios for symmetric cryptosystems, public key cryptosystems, and stream ciphers, we discuss a number of individual methods. The XL, XSL, and MutantXL attacks are based on linearization techniques ...
Relation between XL algorithm and Gröbner Bases Algorithms
We clarify a relation between the XL algorithm and Gröbner bases algorithms. The XL algorithm was proposed to be a more efficient algorithm to solve a system of equations with a special assumption without trying to calculate a whole Gröbner basis. But in our result, it is shown that the XL algorithm is also a Gröbner bases algorithm which can be represented as a redundant version of a Gröbner b...
Algebraic Cryptanalysis of Hidden Field Equation (HFE) Cryptosystems Using Gröbner Bases
In this paper, we review and explain the existing algebraic cryptanalysis of multivariate cryptosystems from the hidden field equation (HFE) family. These cryptanalysis break cryptosystems in the HFE family by solving multivariate systems of equations. In this paper we present a new and efficient attack of this cryptosystem based on fast algorithms for computing Gröbner basis. In particular it ...
Publication date: 2004