HFEM. Breaking the HFEM public key scheme

Size: px

Start display at page:

Download "HFEM. Breaking the HFEM public key scheme"

Basil Fox
5 years ago
Views:

1 4 Vol.4 No. 0 Joural o Commuicatios March 0 doi:0.969/j.iss x HFEM ( ,, MQ HFEM MQ MQ P09. A X(0) reaig the HFEM pulic ey scheme GU Chu-sheg,, (. chool of Computer Egieerig, Jiagsu Uiversity of hology, Chagzhou 00, Chia;. chool of Computer ciece ad echology, Uiversity of ciece ad echology of Chia, Hefei 007, Chia;. Key Laoratory of Cloud Computig & Itelliget Iformatio Processig of Chagzhou City, Chagzhou 00, Chia) Astract: o desig post-uatum pulic ey cryptography, Zhao, et al preseted a ovel pulic ey scheme ased o the MQ prolem. A euivalet secret ey could directly e solved from the pulic ey of their scheme y applyig the property of the ergodic matrix over fiite field. hus, the HFEM pulic ey scheme was roe. Key words: post-uatum cryptography; MQ-ased PKC; MQ prolem; cryptaalysis [,] [] [4~9] [4~6,8] GF( ) hamir [0~] [] [4] MQ (isectio multivariate uadratic euatio prolem) [4] MQ NP [4] HFEM(hidde field ergodic matrices) [4] (64007); (CJ000); (KYY07, KYY055) Foudatio Items: he Natioal Natural ciece Foudatio of Chia (64 07); he Applicatio Research Foudatio of Chagzhou (CJ000); he Research Foudatio of Jiagsu Uiversity of echology (KYY07, KYY055)

2 86 4 [4] W W W, E = E = E = ( W ) W = = E E [4] HFEM [4] m F F m GL ( F ) F I M M M M F E F [ E] = { E Z} m m A F F = { A A A } F x, y F x y = ( x y, L, x y, L, x y, L, x y ) F MQ- F m F i = j = ( x, L, x, y, L, y ) = {, L, } F V ( ) = { x x F } [4] HFEM ) ( A, ) A = { A, L, F = {, L, } F A E [ E] ) R GL ( F ) 0 ( ) ( ) i, j i j i, j 0 0 HFEM HFEM a x y =, ( a, F, =,, L, m) A } R = R[ ] F i j i j i = i i i F m ) R MQ [ r ( x, y), L, r ( x, y)] = RA ( x y) p = ( F, r = [ r ( x, y), L, r ( x, y)]) 4) s = ( A,, R) ) P = a ( a, F \ {0}) ) p P C = [ r ( a, ), L, r ( a, )] F \ {0} ) s C = ( R C) ( V ( A) V ( )) \ {0} ) s E( A,, ) ( x, y) ( F \{0}) ) ( x, y) ( a, ) P = x y = a [4] E ( A,, ).( x y) = Ra( ) = A,, A,, A,, A = L L L [4] A, ( A, ) E( A,, ) HFEM [4] MQ NP ( ) [4] HFEM MQ HFEM V ( ) f ( l ) E F [ E ] = f ( l ) f ( l ) = l I E f ( l ) f ( l ) f ( l ) ) f ( l ) f ( l ) = g ( l ) g ( l ) deg( g ( l )) = < deg( g ( l )) = gcd( g ( l ),

3 HFEM 87 g ( l )) = E f (0) = E 0 g (0) 0, g (0) 0 F deg( g ( l )) = g (0) 0 [ l ] /( g ) i r s { l i = 0, L, } l, l r s l l mod g( l ) 0 < e l l e e mod g ( l ) 0 < e mod g ( l ) ee gcd( g ( l ), g ( l )) = l mod f ( l ) 0 < e e < F [ E ] = f ( l ) E e l mod f ( l ) e = ( ) ( e e ) r ) f ( l ) f ( l ) = g( l ), r g( l ) g(0) 0 / r e e = l mod g( l ) f / r r r ( l ) = g( l ) ( l ) F F p F F p F F v v p ) r r ( l ) ( l v p v / r v / r p ( ) ( ) p = l l mod f ( l ) e e = l mod f ( l ) v / r ( ) ( p ( )) l F f ( l ) F [ l ] E F [ E ] = 0 f ( l ) E = { E, E, L, E } F [ E] p f ( l ) F [ l ] /( f ) r ( l ) F [ l ] /( f ) = E F r( l ) = l mod f ( l ) E r( E) F r( E) E F [ E] / / r r [ E] U{0} F f ( l ) E f ( E) E g( E ) = 0 [ E] = { E, E, L, E } F [ E] {,,, = I E L E } F [ E] V ( ) = V ( ) = F [ E] U{0} 0 F ( i =, L, ) I + E + L+ E = 0 E 0 ( E I + E + L+ E ) = E 0 E + E + + E = 0 = {, L, } F A = { A, L, } F R GL ( F ) R = R [ ] A F F [ E] = { I,, L, } R F [ E] HFEM R = R[ ] A A M A = R = = W W L W R R Q R = A = R R Q W R Q R Q + RA = = W R Q R Q + R GL ( F ) A [5] i ( L ) R R Q = L R R Q R Q R Q + R Q + R Q W W L W L ( L ) F ( )

4 88 4 ra( R) + ra( A) ra( RA) mi(ra( R), ra( A)) ra( RA) = W GL ( F ) F W GL ( F ) W = ( W ) W = Q = W W = { I,, L, } A = W [ E], A O( ) 4 i i =,, ( - ) O( ) = O( ) A O( ) = O( ) F C F R = R[ ] F \ {0}, A [ E] ) [4]HFEM ) ) E ( x, z) ( x, z) 4) (, z) = z j = j j ( i = i i)( j = j j) ( y j j j) = = j = z j j E( x, z) ( x A z ( C ) i i i) = = ( j = j j ) ( \ {0}) F F C a x A y = = F 5) = y j = j j y F \ {0} ( x, y) E( A,, C ) 6) ( x, y) E( A,, C ) ( ) {( d x, d y) d F \ {0}) 7) HFEM P = x y 4 HFEM ( = =5) HFEM HFEM A HFEM 4. HFEM E = 0 = { I, E, E } = ,, A 0 A = A = 0 A R = [ E] A A A R R = = R = R A A A A A A = A R F [ E] A ) R F W W W W W W = =

5 HFEM W ) ( W ) ) 0 = E( x, z) = W W = = 4 = W = 4 4 = = ) W = 4 4 W = ), A = A =, 4 4 A = R P = a = ( 4 ) ( ) C L R P = [ r ( a, ),, r ( a, )] = 4 0 = ( ) = a = i j Ai = i j j 4.4 ) [4] A E( A,, C ) ) i = i i j = j j C a ( x A )( y ) = = z j j j = = ( ( ) ) = x A = ( z C i i i j = j j ) ) E( x, z) x 4, z = ( 0 ) =( ) 4 4 4) (, z) = z = j= j j 4 4 = y 5) = = y j j j 4 ( x, y) E( A,, C ) = ( ) ( x, y) E( A,, C ) ( ) {( d x, d y) d F \ {0}) 5 6) P = x y P = P HFEM [4] HFEM HFEM [] HOR P W. Polyomial-time algorithms for prime factorizatio ad discrete logarithms o a uatum computer[j]. IAM Joural o Computig, 997, 6(5): [] PROO J, ZALKA C. hors discrete logarithm uatum algorithm for elliptic curves[j]. Quatum Iformatio ad Computatio, 00, (4):7-44. [] UCHMANN J, DING J. Post-uatum cryptography[a]. he ecod Iteratioal Worshop, PQCrypto 008[C]. Ciciati, UA, 7-9. [4],,. GF( ) [J]., 005, 6 ():5-9. ZHAO Y Z, HUANG L, JIANG Z H. Ergodic matrix over GF ( ) ad its properties[j]. Mii- micro ystems, 005, 6 ():5-9. [5] ZHAO Y Z, WANG L O, ZHANG W. Iformatio-exchage usig the ergodic matrices i GF()[A]. d Iteratioal Coferece, ACN 004[C]. Amsterdam: Icisa Press, [6],,. [J]., 007, 8 (): ZHAO Y Z, PEI H, WANG H J, et al. Usig the ergodic matrices over fiite field to costruct the dyamic ecryptor[j]. Mii-Micro ystems, 007, 8 (): [7] PEI H, ZHAO H W, ZHAO Y Z. Pulic ey cryptography ased o ergodic matrices over fiite field[j]. Wuha Uiversity Joural of Natural cieces, 006, (6): [8]. F hamir [J]., 006, 7(6): ZHAO Y Z, JIANG Z H, HUANG L. Implemetatio of hamir s three pass protocol ased o ergodic matrix over fiite field[j]. Mii- Micro ystems, 006, 7(6):

98 4 [] G Americas, MIMO ad smart ateas for G ad 4G wireless systems: practical aspects ad deploymet cosideratios[e/ol]. http://www.4gamericas.org/, 00. [4] EDELMAN A.

urligto: Academic Press, 007. [6] E D, VIWANAH P. Fudametals of Wireless Commuicatio[M]. Camridge, UK : Camridge Uiversity Press, 005. [7] ULINO A M, VERDU.

ist-wier.org/, 007. 89 [9],. ( ) [J]. :, 006, 4(5):555-560. UN Y X, ZHAO Y Z, YANG Y J, et al. cheme to costruct oe-way (trapdoor) fuctios ased o ergodic matrices[j].

Algeraic Methods for Costructig Oe-Way rapdoor Fuctios[D]. Notre Dame: Uiversity of Notre Dame, 00. []. [D]. :, 008. HUANG H W. Cryptographic Applicatios of emigroup Actio Prolem[D].

6 98 4 [] G Americas, MIMO ad smart ateas for G ad 4G wireless systems: practical aspects ad deploymet cosideratios[e/ol] [4] EDELMAN A. Eigevalues ad Coditio Numer of Radom Matrices[D]. Dept Mathematics, MI, Camridge, MA, 989. [5] OEGE C, CLERCKX. MIMO Wireless Commuicatios: From Real-World Propagatio to pace-ime Code Desig[M]. urligto: Academic Press, 007. [6] E D, VIWANAH P. Fudametals of Wireless Commuicatio[M]. Camridge, UK : Camridge Uiversity Press, 005. [7] ULINO A M, VERDU. Radom Matrix heory ad Wireless Commuicatios[M]. osto: Now Pulishers Ic, 004. [8] KYOI P, MEINILA J, HEUKA L. WINNER II chael mode : part II radio chael measuremet ad aalysis results[e/ol] [9],. ( ) [J]. :, 006, 4(5): UN Y X, ZHAO Y Z, YANG Y J, et al. cheme to costruct oe-way (trapdoor) fuctios ased o ergodic matrices[j]. Joural of Jili Uiversity: Iformatio ciece Editio, 006, 4(5): [0] MONICO C. emirigs ad emigroup Actios i Pulic-Key Cryptography[D]. Notre Dame: Uiversity of Notre Dame, 00. [] MAZE G. Algeraic Methods for Costructig Oe-Way rapdoor Fuctios[D]. Notre Dame: Uiversity of Notre Dame, 00. []. [D]. :, 008. HUANG H W. Cryptographic Applicatios of emigroup Actio Prolem[D]. Xi a: Xidia Uiversity, 008. [],,. [J]., 00, 8(8): PEI H, ZHAO Y Z, ZHAO H W. Pulic ey ecryptio scheme ased o the ergodic matrices[j]. Chiese Joural of Electroics, 00, 8(8): [4],,. HFEM [J].,0,(6):4-. ZHAO Y Z, ZHAO, PEI H, et al. Desig ad implemet o the HFEM pulic ey scheme[j]. Joural o Commuicatios, 0,(6): 4-. [5] HORN R A, JOHNON C R. Matrix Aalysis[M]. Camridge Uiversity Press, MIMO

Excellent Performances of The Third-level Disturbed Chaos in The Cryptography Algorithm and The Spread Spectrum Communication

Excellent Performances of The Third-level Disturbed Chaos in The Cryptography Algorithm and The Spread Spectrum Communication Joural of Iformatio Hidig ad Multimedia Sigal Processig c 26 ISSN 273-422 Ubiquitous Iteratioal Volume 7, Number 4, July 26 Excellet Performaces of The Third-level Disturbed Chaos i The Cryptography Algorithm