Paper 2007/203

Kipnis-Shamir's Attack on HFE Revisited

Xin Jiang, Jintai Ding, and Lei Hu

Abstract

In this paper, we show that the claims in the original Kipnis-Shamir's attack on the HFE cryptosystems and the improved attack by Courtois that the complexity of the attacks is polynomial in terms of the number of variables are invalid. We present computer experiments and a theoretical argument using basic algebraic geometry to explain why it is so. Furthermore we show that even with the help of the powerful new Gröbner basis algorithm like $F_4$, the Kipnis-Shamir's attack still should be exponential not polynomial. This again is supported by our theoretical argument.

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
Published elsewhere. Unknown where it was published
Contact author(s)
ding @ math uc edu
History
2007-05-31: received
Short URL
https://ia.cr/2007/203
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2007/203,
      author = {Xin Jiang and Jintai Ding and Lei Hu},
      title = {Kipnis-Shamir's Attack on {HFE} Revisited},
      howpublished = {Cryptology {ePrint} Archive, Paper 2007/203},
      year = {2007},
      url = {https://eprint.iacr.org/2007/203}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.