Paper 2013/470

Practical Cryptanalysis of a Public-Key Encryption Scheme Based on New Multivariate Quadratic Assumptions

Martin R. Albrecht, Jean-Charles Faugère, Robert Fitzpatrick, and Ludovic Perret

Abstract

In this paper, we investigate the security of a public-key encryption scheme introduced by Huang, Liu and Yang (HLY) at PKC’12. This new scheme can be provably reduced to the hardness of solving a set of quadratic equations whose coefficients of highest degree are chosen according to a discrete Gaussian distributions. The other terms being chosen uniformly at random. Such a problem is a variant of the classical problem of solving a system of non-linear equations (PoSSo), which is known to be hard for random systems. The main hypothesis of Huang, Liu and Yang is that their variant is not easier than solving PoSSo for random instances. In this paper, we disprove this hypothesis. To this end, we exploit the fact that the new problem proposed by Huang, Liu and Yang reduces to an easy instance of the Learning With Errors (LWE) problem. The main contribution of this paper is to show that security and efficiency are essentially incompatible for the HLY proposal. That is, one cannot find parameters which yield a secure and a practical scheme. For instance, we estimate that a public-key of at least 1.03 GB is required to achieve 80-bit security against known attacks. As a proof of concept, we present practical attacks against all the parameters proposed Huang, Liu and Yang. We have been able to recover the private-key in roughly one day for the first challenge proposed by HLY and in roughly three days for the second challenge.

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
Preprint. MINOR revision.
Keywords
cryptanalysislattice techniques
Contact author(s)
robert fitzpatrick 2010 @ live rhul ac uk
History
2013-08-03: received
Short URL
https://ia.cr/2013/470
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2013/470,
      author = {Martin R.  Albrecht and Jean-Charles Faugère and Robert Fitzpatrick and Ludovic Perret},
      title = {Practical Cryptanalysis of a Public-Key Encryption Scheme Based on New Multivariate Quadratic Assumptions},
      howpublished = {Cryptology {ePrint} Archive, Paper 2013/470},
      year = {2013},
      url = {https://eprint.iacr.org/2013/470}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.