Cryptology ePrint Archive: Report 2009/567

Properties of the Discrete Differential with Cryptographic Applications

Daniel Smith-Tone

Abstract: Recently, the $C^{*-}$ signature scheme has been completely broken by Dubois et al. (Dubois et al., CRYPTO and EUROCRYPT 2007). As a consequence, the security of SFLASH and other multivariate public key systems have been impaired. The attacks presented in (Dubois et al., CRYPTO and EUROCRYPT 2007) rely on a symmetry of the differential of the encryption mapping. In (Ding et al., 2007), Ding et al. experimentally justify the use projection as a method of avoiding the new attack. In this paper, we derive some properties of the discrete differential, give a theoretical justification for the reparation in (Ding et al., 2007), and establish the exact context in which this attack is applicable.

Category / Keywords: public-key cryptography / Matsumoto-Imai, multivariate public key cryptography, discrete, differential, SFLASH, symmetry, HFE

Date: received 21 Nov 2009

Contact author: smithdc at indiana edu

Available format(s): PDF | BibTeX Citation

Version: 20091123:163434 (All versions of this report)

Short URL: ia.cr/2009/567

Discussion forum: Show discussion | Start new discussion