A new class of moduli called the low-weight polynomial form integers (LWPFIs) is introduced. LWPFIs are expressed in a low-weight, monic polynomial form, p = f(t). While the generalized Mersenne numbers (GMNs) proposed by Solinas allow only powers of two for t, LWPFIs allow any positive integers. In our first proposal of LWPFIs, we limit the coefficients of f(t) to be 0 and ±1, but later we ext...

Many efficient attacks have appeared in recent years, which have led to serious blow for the traditional multivariate public key cryptosystems. For example, the signature scheme SFLASH was broken by Dubois et al. at CRYPTO’07, and the Square signature (or encryption) scheme by Billet et al. at ASIACRYPTO’09. Most multivariate schemes known so far are insecure, except maybe the sigature schemes ...

In a paper published at Asiacrypt 2000 a signature scheme that (apparently) cannot be abused for encryption is published. The problem is highly non-trivial and every solution should be looked upon with caution. What is especially hard to achieve is to avoid that the public key should leak some information, to be used as a possible ”shadow” secondary public key. In the present paper we argument ...

In 1989, Tsujii, Fujioka, and Hirayama proposed a family of multivariate public key cryptosystems, where the public key is given as a set of multivariate rational functions of degree 4[5]. These cryptosystems are constructed via composition of two quadratic rational maps. In this paper, we present the cryptanalysis of this family of cryptosystems. The key point of our attack is to transform a p...

ii iii Acknowledgements First of all, I would like to thank Prof. Johannes Buchmann for giving me the opportunity to join his research group, organizing the joint research between TUD and NTT, and promoting this doctor thesis as my supervisor. His suggestions and helpful support improve this work significantly. I would also like to thank Prof. Kouichi Sakurai for accepting the task of the secon...

In the last decade, a number of public key cryptosystems based on combinatorial group theoretic problems in braid groups have been proposed. Our tutorial is aimed at presenting these cryptosystems and some known attacks on them. We start with some basic facts on braid groups and on the Garside normal form of its elements. We then present some known algorithms for solving the word problem in the...

In this paper we propose the use of Boolean permutations to design public key cryptosystems. The security of the cryptosystems is based on the diiculty of inverting Boolean permutations. Using two Boolean permutations for which the inverses are easy to nd, one can construct a composite Boolean permutation which is hard to invert. The paper proposes three such Boolean permutation based public ke...

In this paper we show how to strengthen public-key cryptosystems against known attacks, together with the reduction of the public-key. We use properties of subcodes to mask the structure of the codes used by the conceiver of the system. We propose new parameters for the cryptosystems and even a modified Niederreiter cryptosystem in the case of Gabidulin codes, with a public-key size of less tha...

We propose public-key cryptosystems with public key a system of polynomial equations and private key an ideal.

The public key cryptosystems MST1 and MST2 make use of certain kinds of factorizations of finite groups. We show that generalizing such factorizations to infinite groups allows a uniform description of several proposed cryptographic primitives. In particular, a generalization of MST2 can be regarded as a unifying framework for several suggested cryptosystems including the ElGamal public key sys...