Paper 2024/1706

State of the art of HFE variants Is it possible to repair HFE with appropriate perturbations?

Benoit COGLIATI, Thales (France)
Gilles Macariot-Rat, Orange (France)
Jacques Patarin, Thales (France)
Pierre Varjabedian, Thales (France)
Abstract

HFE (that stands for Hidden Field Equations) belongs to multivariate cryptography and was designed by Jacques Patarin in 1996 as a public key trapdoor suitable for encryption or signature. This original basic version is unfortunately known to have a super-polynomial attack, but as imagined since the beginning, it comes with various variants, one can describe as combinations of “modifiers”. In this work, we first present the state of the art of these HFE modifiers, along with their effect on the complexity of the main cryptanalysis techniques against HFE-based schemes. This allows us, in a second time, to identify a combination of two modifiers that has not yet been explored and may still be secure with efficient parameters. Based on our analysis, we propose a new signature scheme that offers extremely short signature sizes, with reasonable public key sizes and performance. In particular, we rely on the classical Feistel-Patarin technique to reduce signature sizes below two times the security parameter.

Note: Revision of the 21 october: The technique Feistel Patarin was introduced by Jacques Patarin not Nicolas Courtois. The quotation remains.

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
Published elsewhere. Minor revision. PQ crypto
DOI
10.1007/978-3-031-62746-0_7
Keywords
Multivariate CryptographyShort SignatureHFEHFE variantsMinRank attacks
Contact author(s)
benoit-michel cogliati @ thalesgroup com
gilles macariorat @ orange com
jacques patarin @ thalesgroup com
varjabedian pierre @ gmail com
History
2024-10-21: revised
2024-10-18: received
See all versions
Short URL
https://ia.cr/2024/1706
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2024/1706,
      author = {Benoit COGLIATI and Gilles Macariot-Rat and Jacques Patarin and Pierre Varjabedian},
      title = {State of the art of {HFE} variants Is it possible to repair {HFE} with appropriate perturbations?},
      howpublished = {Cryptology {ePrint} Archive, Paper 2024/1706},
      year = {2024},
      doi = {10.1007/978-3-031-62746-0_7},
      url = {https://eprint.iacr.org/2024/1706}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.