| HAL-Inria | Publications, software ... of Inria's scientists |
Conference papers
Practical Cryptanalysis of the Identification Scheme Based on the Isomorphism of Polynomial With One Secret Problem
Abstract : This paper presents a practical cryptanalysis of the Identification Scheme proposed by Patarin at Crypto 1996. This scheme relies on the hardness of the Isomorphism of Polynomial with One Secret (IP1S), and enjoys shorter key than many other schemes based on the hardness of a combinatorial problem (as opposed to number-theoretic problems). Patarin proposed concrete parameters that have not been broken faster than exhaustive search so far. On the theoretical side, IP1S has been shown to be harder than Graph Isomorphism, which makes it an interesting target. We present two new deterministic algorithms to attack the IP1S problem, and we rigorously analyze their complexity and success probability. We show that they can solve a (big) constant fraction of all the instances of degree two in polynomial time. We verified that our algorithms are very efficient in practice. All the parameters with degree two proposed by Patarin are now broken in a few seconds. The parameters with degree three can be broken in less than a CPU-month. The identification scheme is thus quite badly broken.
Cited literature [46 references]
https://hal.inria.fr/inria-00556671
Contributor : Pierre-Alain Fouque <>
Submitted on : Monday, January 17, 2011 - 3:35:37 PM
Last modification on : Friday, January 8, 2021 - 5:50:04 PM
Long-term archiving on: : Thursday, June 30, 2011 - 1:48:29 PM
Contributor : Pierre-Alain Fouque <>
Submitted on : Monday, January 17, 2011 - 3:35:37 PM
Last modification on : Friday, January 8, 2021 - 5:50:04 PM
Long-term archiving on: : Thursday, June 30, 2011 - 1:48:29 PM
File
pkc11.pdf
Files produced by the author(s)