Cryptology ePrint Archive: Report 2015/1037

Cryptanalysis of GGH15 Multilinear Maps

Jean-Sebastien Coron and Moon Sung Lee and Tancrede Lepoint and Mehdi Tibouchi

Abstract: We describe a cryptanalysis of the GGH15 multilinear maps. Our attack breaks in polynomial time the multipartite key-agreement protocol by generating an equivalent user private key. Our attack only applies to GGH15 without safeguards; for GGH15 with safeguards we only have a partial cryptanalysis that can recover any ratio of secret exponents. We also describe attacks against variants of the GGH13 multilinear maps proposed by Halevi (ePrint 2015/866) aiming at supporting graph-induced constraints, as in GGH15.

Category / Keywords: Public-key cryptanalysis, multilinear maps

Original Publication (with minor differences): IACR-CRYPTO-2016

Date: received 26 Oct 2015, last revised 2 Jun 2016

Contact author: jscoron at gmail com

Available format(s): PDF | BibTeX Citation

Note: We describe an extended attack that also breaks GGH15 with the safeguards.

Version: 20160602:071119 (All versions of this report)

Short URL:

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]