Embedded Surface Attack on Multivariate Public Key Cryptosystems from Diophantine Equation


A dissertation submitted in partial fulfillment of the requirements for the degree of Doctor of Philosophy, Department of Mathematical Sciences, College of Arts and Sciences, University of Cincinnati

Author: Ai Ren
Chair: Professor Jintai Ding
Degrees: B.S. Mathematics, 2004, University of Science and Technology of China; M.S. Information Systems, 2008, Benedictine University

Abstract

In 2011, Gao and Heindl proposed a family of Multivariate Public Key Cryptosystems by combining the triangular scheme and the oil-vinegar scheme. The new design was claimed to be secure against known attacks. They also used the Medium-Field Multivariate Public Key Cryptosystem as an example of their general framework and explained how it works. Later, by introducing several Diophantine equations into their design, they presented the Diophantine Equations Multivariate Public Key Cryptosystem (DEMPKC) with three sets of suggested parameters, and the claimed security levels were high. In this paper, we present our cryptanalysis of DEMPKC. Our cryptanalysis uses embedded surfaces associated with the DEMPKC and shows that the attack can break the system efficiently. Our work provides an example of how more general embedded surfaces, beyond linearization-type equations, can be very useful for attacking cryptosystems.

© by Ai Ren. All rights reserved.

Acknowledgments

Firstly, I want to thank Dr. Jintai Ding for his endless support, his patience, and immense knowledge. Jintai is very famous in the area of cryptography. He and his remarkable work provided us with the opportunity to do this important research. To me, he is not just an advisor but a family member. His guidance walked me through graduate life at the University of Cincinnati. Besides my advisor, I would like to thank many professors.
They are Dr. Shuang Zhang, Dr. Bingyu Zhang, Dr. Ning Zhong, Dr. Donald A. French, Dr. Seung Ki Kim, and Dr. Benjamin L. Vaughan. With their help and support, my study and research became much easier. Last but most importantly, I would like to thank my family for their love and encouragement. For my lovely wife, who has been so supportive, so encouraging, and so patient. For my parents, who raised me with love and have been showing faith in me and providing me with everything. For my lovely kids, who are the pride and joy of my life. My family, you are the best thing that has ever happened to me.

Contents

Abstract iii
Copyright iv
Acknowledgments v
1. Introduction 1
1.1. Public Key Cryptography 1
1.2. RSA 8
1.3. Elliptic Curves Cryptography 12
1.4. Quantum Computers and Shor's algorithm 15
1.5. Post-Quantum Cryptography 22
1.6. Multivariate Public Key Cryptography 37
1.6.1. Family one: Explicit 39
1.6.2. Family two: Implicit 40
1.6.3. Matsumoto-Imai 43
1.6.4. Encryption and Decryption 46
1.6.5. Perturbation Matsumoto-Imai 48
1.6.6. HFE 49
1.6.7. The Diophantine Equation MPKC 49
2. Triangular Encryption Schemes 51
3. Oil-Vinegar Systems 56
4. Combine Oil-Vinegar Scheme and Triangular Encryption Scheme 62
4.1. Define Extended Polynomial Ring 62
4.2. Combining 63
4.3. Example: Medium Field Encryption (MFE) 67
5. Cryptosystem from Diophantine Equations 70
5.1. Polynomial Identities and Diophantine Equations 70
5.2. The Central Map 79
5.3. Inverting the Central Map 81
5.4. Practical Parameters and security claims 84
6. Embedded surface attack 86
6.1. Embedded surface attack 86
6.2. Step 1. Embedded surface attack 99
6.3. Step 2. Derive new equations from the embedded surfaces 103
6.4. Step 3. Reduce three variables 108
6.5. Step 4. Solve the system 110
6.6. General introduction on F4 110
6.7. The complexity of the attack 113
6.8. The complexity for attacking the other two systems 114
6.9. Experimental results 115
7. Conclusion 117
7.1. Summary of accomplishments 117
7.2. Impact of our work 118
7.3. Ideas for future research 118
Bibliography 120
A. Appendix 125

Chapter 1. Introduction

1.1. Public Key Cryptography

Cryptography is the study and practice of methods for secure communication. While private information is being sent from the sender to the intended receiver, it is exposed to unintended parties and faces the risk of being altered or stolen by them. Cryptography helps us secure the communication of confidential information. In this process, we call the original information the plain text and the encrypted information the cipher text. Cryptography is concerned with four main facets of data transfer: integrity, authenticity, confidentiality and non-repudiation. To accomplish these, cryptography offers various solutions. According to how the system shares keys, there are two types of cryptographic systems: private key cryptography and public key cryptography.

Private key cryptography requires the two parties, the sender and the intended receiver, to share the key before they start to exchange messages confidentially over a public channel. This key is called the private key because it must be kept private; otherwise an unintended third party could use it to recover the original message during the communication. Caesar's cipher is one of the most ancient and famous methods of private key cryptography. It was named after Julius Caesar and was used to protect military messages. The general idea of Caesar's cipher is a simple shift of the alphabet. For instance, with a left shift of 3, Z would be replaced by W, Y would be replaced by V, X would be replaced by U, and so on.
The private key of this Caesar cipher can be described by the following table:

plain text   A B C D E F G H I J K L M
cipher text  X Y Z A B C D E F G H I J

plain text   N O P Q R S T U V W X Y Z
cipher text  K L M N O P Q R S T U V W

To encrypt a message, the sender encodes the original message by looking up each individual letter of the plain text in the table above and finding the corresponding cipher text letter. Decryption is done in reverse.

A modern way to describe Caesar's cipher is as follows: we assign an index number to each of the 26 letters, in the ring $\mathbb{Z}/26\mathbb{Z}$. More precisely, index letter A to 0, B to 1, C to 2, ..., X to 23, Y to 24, and Z to 25. Every letter has a unique index. This assignment allows us to convert any plain text into a string of numbers between 0 and 25. With a left shift of 3, we can simply apply the function

$$F : \mathbb{Z}/26\mathbb{Z} \to \mathbb{Z}/26\mathbb{Z}, \qquad F(m) = m + 3 \bmod 26,$$

where m is the index of a letter of the original information. It is very clear that if some unintended party learns the private key, which is a left shift of 3 in this case, the cipher text can be decrypted easily. For private key cryptography, therefore, the private key must be kept private.

Public key cryptography does not require the sender and the receiver to exchange any private keys prior to communicating. Unlike private key cryptography, knowledge of the sender's private key does not help anyone compute the receiver's private key. This is why public key cryptography is also called asymmetric cryptography. In 1976, Whitfield Diffie and Martin Hellman first published the idea [DH06]. In their design, the holder first needs to establish a pair of keys: one public key for encryption and one matching private key for decryption. This public key is published over an open channel, and the private key must be kept securely by the holder.
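The Caesar cipher of the preceding passage, written out as an added Python example (not code from the dissertation). It builds the plain-to-cipher table from the index map on Z/26Z and checks it against the table above: a left shift of 3 sends A to X, i.e. index m to m - 3 mod 26, and the inverse map m + 3 mod 26 restores the plain text. The plaintext "PLAIN TEXT" is a constructed sample.

```python
"""Caesar cipher over Z/26Z, as described in Section 1.1.

Added illustration, not code from the dissertation.  Letters are indexed
A=0 ... Z=25.  A "left shift of 3" sends A -> X, which on indices is
m -> (m - 3) mod 26; the receiver inverts it with m -> (m + 3) mod 26.
"""
import string

ALPHABET = string.ascii_uppercase  # index i <-> letter ALPHABET[i]


def shift_index(m: int, shift: int) -> int:
    """Apply the shift in the ring Z/26Z: m -> (m + shift) mod 26."""
    return (m + shift) % 26


def key_table(shift: int) -> dict:
    """Build the plain->cipher substitution table for a given shift.

    A negative shift is a 'left' shift: shift == -3 gives A -> X, matching
    the table in the text."""
    return {p: ALPHABET[shift_index(i, shift)] for i, p in enumerate(ALPHABET)}


def encrypt(plaintext: str, shift: int) -> str:
    """Encrypt by looking up each letter in the table; non-letters pass through."""
    table = key_table(shift)
    return "".join(table.get(c, c) for c in plaintext.upper())


def decrypt(ciphertext: str, shift: int) -> str:
    """Decryption is the same map with the opposite shift."""
    return encrypt(ciphertext, -shift)


def keyspace_size() -> int:
    """Count the distinct non-trivial keys (shifts 1..25).

    With only 25 keys, anyone who learns or simply guesses the key reads the
    cipher text at once, which is the point the text makes about keeping the
    private key private."""
    return len({tuple(key_table(s).items()) for s in range(1, 26)})


if __name__ == "__main__":
    table = key_table(-3)
    print("".join(table[p] for p in ALPHABET))  # XYZABCDEFGHIJKLMNOPQRSTUVW
    ct = encrypt("PLAIN TEXT", -3)              # constructed sample message
    print(ct, "->", decrypt(ct, -3))            # MIXFK QBUQ -> PLAIN TEXT
```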
Any party other than the holder who wishes to send messages or information to the holder confidentially uses the public key and the cryptosystem's algorithm to encrypt the message or information into a cipher text. This cipher text is then sent from the sender to the private key holder. After the holder receives the cipher text, the private key can be used to decrypt it, and the plain text, the original message, is restored. The information is transmitted over a public channel, which means a third party might also obtain the cipher text. Without knowing the holder's private key, or successfully cryptanalyzing it, the third party would not be able to decrypt the cipher text or recover the original message. The significant difference between private key cryptography and public key cryptography is that the latter makes it possible to create a secure communication channel between any two parties without any prior contact or preliminary information exchange.

Public key cryptography makes modern communication safe and possible. Nowadays, people are no longer forced to go out and wait in line to shop in ice-cold weather. People can stay at home, sit in front of a computer, browse the web and pay over the internet on eBay. Without public key cryptography, online shopping would be incredibly insecure. At Christmas, eBay posts many deals and great products for its customers. Tom and Jerry decided to celebrate Christmas this year and buy themselves some nice gifts. Jerry liked American cheese, which was on sale on eBay.