Paper 2015/759

Cryptanalysis of Gu's ideal multilinear map

Alice Pellet-Mary and Damien Stehle


In March, 2015 Gu Chunsheng proposed a candidate ideal multilinear map [eprint 2015/269]. An ideal multilinear map allows to perform as many multiplications as desired, while in k-multilinear maps like GGH [EC 2013] or CLT [CR2013, CR2015] one we canperform at most a predetermined number k of multiplications. In this note, we show that the extraction Multilinear Computational Diffie-Hellman problem (ext-MCDH) associated to Gu's map can be solved in polynomial-time: this candidate ideal multilinear map is insecure. We also give intuition on why we think that the two other ideal multilinear maps proposed by Gu in [eprint 2015/269] are not secure either.

Available format(s)
Publication info
Preprint. MINOR revision.
Contact author(s)
damien stehle @ gmail com
2015-07-30: received
Short URL
Creative Commons Attribution


      author = {Alice Pellet-Mary and Damien Stehle},
      title = {Cryptanalysis of Gu's ideal multilinear map},
      howpublished = {Cryptology ePrint Archive, Paper 2015/759},
      year = {2015},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.