Cryptanalysis of the the Polynomial Reconstruction Based Public-Key Cryptosystem of Eurocrypt’03 in the Optimal Parameter Setting

In Eurocrypt 2003, Augot and Finiasz presented a novel Public-key Cryptosystem based on the Polynomial Reconstruction Problem. While there is no immediate way to use coding theoretic techniques to break their system, it has been subsequently broken by Coron who presented a ciphertext-only attack (based on a worst case analysis). In the present work we study the optimal parameter setting of their cryptosystem and analyze it from a probabilistic point of view. We first show that a small modification of the parameters of this scheme foils the worst case analysis of the above attack; however we give an alternative probabilistic analysis showing that the attack works almost always. We then present a novel analysis of optimal parameter selection for their cryptosystem. We show that in the optimal setting of parameter selection, the Augot and Finiasz cryptosystem actually thwarts Coron’s attack. Then, we present a stronger ciphertext-only attack based on the Sudan and Guruswami-Sudan’s list-decoding algorithms that breaks the optimal parameter setting of this cryptosystem. We conclude that the Augot and Finiasz’s cryptosystem, regardless of exact choice of parameters, succumbs to a polynomial-time ciphertext-only attack.