Paper 2018/539

Extracting Linearization Equations from Noisy Sources

Daniel Smith-Tone


This note was originally written under the name ``On the Security of HMFEv'' and was submitted to PQCrypto 2018. The author was informed by the referees of his oversight of an eprint work of the same name by Hashimoto, see eprint article /2017/689/, that completely breaks HMFEv, rendering the result on HMFEv obsolete. Still, the author feels that the technique used here is interesting and that, at least in principal, this method could contribute to future cryptanalysis. Thus, with a change of title indicating the direction in which this work is leading, we present the original work with all of its oversights intact and with minimal correction (only references fixed). At PQCRYPTO 2017, a new multivariate digital signature based on Multi-HFE and utilizing the vinegar modifier was proposed. The vinegar modifier increases the Q-rank of the central map, preventing a direct application of the MinRank attack that defeated Multi-HFE. The authors were, therefore, confident enough to choose aggressive parameters for the Multi-HFE component of the central map (with vinegar variables fixed). Their analysis indicated that the security of the scheme depends on the sum of the number of variables $k$ over the extension field and the number $v$ of vinegar variables with the individual values being unimportant as long as they are not ``too small.'' We analyze the consequences of this choice of parameters and derive some new attacks showing that the parameter $v$ must be chosen with care.

Note: Revised to include footnotes.

Available format(s)
Public-key cryptography
Publication info
Preprint. MINOR revision.
Multivariate CryptographyHMFEvQ-rank
Contact author(s)
daniel smith @ nist gov
2019-02-15: revised
2018-06-04: received
See all versions
Short URL
Creative Commons Attribution


      author = {Daniel Smith-Tone},
      title = {Extracting Linearization Equations from Noisy Sources},
      howpublished = {Cryptology ePrint Archive, Paper 2018/539},
      year = {2018},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.