State of the art of HFE variants Is it possible to repair HFE with appropriate perturbations?

Benoit COGLIATI; Gilles Macariot-Rat; Jacques Patarin; Pierre Varjabedian

Paper 2024/1706

State of the art of HFE variants Is it possible to repair HFE with appropriate perturbations?

Benoit COGLIATI, Thales (France)

Gilles Macariot-Rat, Orange (France)

Jacques Patarin, Thales (France)

Pierre Varjabedian, Thales (France)

Abstract

HFE (that stands for Hidden Field Equations) belongs to multivariate cryptography and was designed by Jacques Patarin in 1996 as a public key trapdoor suitable for encryption or signature. This original basic version is unfortunately known to have a super-polynomial attack, but as imagined since the beginning, it comes with various variants, one can describe as combinations of “modifiers”. In this work, we first present the state of the art of these HFE modifiers, along with their effect on the complexity of the main cryptanalysis techniques against HFE-based schemes. This allows us, in a second time, to identify a combination of two modifiers that has not yet been explored and may still be secure with efficient parameters. Based on our analysis, we propose a new signature scheme that offers extremely short signature sizes, with reasonable public key sizes and performance. In particular, we rely on the classical Feistel-Patarin technique to reduce signature sizes below two times the security parameter.

Note: Revision of the 21 october: The technique Feistel Patarin was introduced by Jacques Patarin not Nicolas Courtois. The quotation remains.

Metadata

Available format(s): PDF
Category: Public-key cryptography
Publication info: Published elsewhere. Minor revision. PQ crypto
DOI: 10.1007/978-3-031-62746-0_7
Keywords: Multivariate Cryptography Short Signature HFE HFE variants MinRank attacks
Contact author(s): benoit-michel cogliati @ thalesgroup com
gilles macariorat @ orange com
jacques patarin @ thalesgroup com
varjabedian pierre @ gmail com
History: 2024-10-21: revised; 2024-10-18: received; See all versions
Short URL: https://ia.cr/2024/1706
License: CC BY

BibTeX

@misc{cryptoeprint:2024/1706,
      author = {Benoit COGLIATI and Gilles Macariot-Rat and Jacques Patarin and Pierre Varjabedian},
      title = {State of the art of {HFE} variants Is it possible to repair {HFE} with appropriate perturbations?},
      howpublished = {Cryptology {ePrint} Archive, Paper 2024/1706},
      year = {2024},
      doi = {10.1007/978-3-031-62746-0_7},
      url = {https://eprint.iacr.org/2024/1706}
}