Paper 2015/596

Zeroizing Without Low-Level Zeroes: New MMAP Attacks and Their Limitations

Jean-Sébastien Coron, Craig Gentry, Shai Halevi, Tancrède Lepoint, Hemanta K. Maji, Eric Miles, Mariana Raykova, Amit Sahai, and Mehdi Tibouchi


We extend the recent zeroizing attacks of Cheon, Han, Lee, Ryu and Stehlé (Eurocrypt'15) on multilinear maps to settings where no encodings of zero below the maximal level are available. Some of the new attacks apply to the CLT13 scheme (resulting in a total break) while others apply to (a variant of) the GGH13 scheme (resulting in a weak-DL attack). We also note the limits of these zeroizing attacks.

Note: This work subsumes and extends the two ePrint reports 2014/929 and 2014/975

Available format(s)
Public-key cryptography
Publication info
A major revision of an IACR publication in CRYPTO 2015
CryptanalysisHardness AssumptionsMultilinear Maps
Contact author(s)
enmiles @ gmail com
2015-06-21: received
Short URL
Creative Commons Attribution


      author = {Jean-Sébastien Coron and Craig Gentry and Shai Halevi and Tancrède Lepoint and Hemanta K.  Maji and Eric Miles and Mariana Raykova and Amit Sahai and Mehdi Tibouchi},
      title = {Zeroizing Without Low-Level Zeroes: New MMAP Attacks and Their Limitations},
      howpublished = {Cryptology ePrint Archive, Paper 2015/596},
      year = {2015},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.