Cryptology ePrint Archive: Report 2013/799

New Insight into the Isomorphism of Polynomials problem IP1S and its Use in Cryptography

Gilles Macario-Rat and Jérôme Plût and Henri Gilbert

Abstract: This paper investigates the mathematical structure of the ``Isomorphism of Polynomial with One Secret'' problem (IP1S). Our purpose is to understand why for practical parameter values of IP1S most random instances are easily solvable (as first observed by Bouillaguet et al.). We show that the structure of the problem is directly linked to the structure of quadratic forms in odd and even characteristic. We describe a completely new method allowing to efficiently solve most instances. Unlike previous solving techniques, this is not based upon Gröbner basis computations.

Category / Keywords: public-key cryptography / secret-key cryptography multivariate IP1S

Original Publication (with major differences): IACR-ASIACRYPT-2013

Date: received 29 Nov 2013

Contact author: jerome plut at ssi gouv fr

Available format(s): PDF | BibTeX Citation

Note: This is a major revision of the version to be published by Springer-Verlag in the proceedings of ASIACRYPT 2013 (not yet online at the date of the last edit of this note).

In particular, the proof of the binary case has been significantly expanded.

Version: 20131201:163648 (All versions of this report)

Short URL: ia.cr/2013/799

Discussion forum: Show discussion | Start new discussion