Abstract
We propose a new cryptanalytic application of a number theoretic tool Weil sum to birthday attack against multivariate quadratic trapdoor function. This new customization of birthday attack is developed by evaluating the explicit Weil sum of the underlying univariate polynomial and the exact number of solutions of the associated bivariate equation. We designed and implemented a new algorithm for computing Weil sum values so that we could explicitly identify some class of weak Dembowski-Ostrom polynomials and their equivalent forms in multivariate quadratic trapdoor function. Our customized attack can be also regarded as an equation solving algorithm for the system of some special quadratic equations over finite fields, and it is fundamentally different from the Gröbner basis methods. Both theoretical observation and experiment show that the required computational complexity of the attack on these weak polynomial instances can be asymptotically less than the square root complexity of the common birthday attack by factor of as large as 2n/8 in terms of the extension degree n of . We also suggest a few open problems that any MQ-based short signature scheme must explicitly take into account for the basic design principles.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
