线性化方程方法破解TTM公钥加密体制

Linearization Equation Attack on TTM Public Key Cryptosystems

  • 摘要: TTM是一类三角形多变量公钥密码体制。该文经过分析2004年的TTM实例发现,该实例中存在大量的一阶线性化方程,而且对于给定的公钥,这些线性化方程都可以通过预计算得到。对于给定的合法密文,可以利用一阶线性化方程攻击方法在219个28域上的运算内找到了其相应的明文。该方法与二阶线性化方程攻击方法相比,恢复明文的复杂度降低了212倍。计算机实验证实了上述结果。

     

    Abstract: TTM is a type of Multivariate public key cryptosystem. By analyzing the instance of TTM proposed in 2004, it can be found that there are many first order linearization equations satisfied by the cipher in this scheme. For a given public key, all first order linearization equations can be found through precomputation. For any given ciphertext, the corresponding plaintext can be found in less than 219 operations over a finite field of size 28 by linearization equation attack. This attack reduced complexity of recovering plaintext from 231 to 219 compare to second order linearization equation attack. The results above are further confirmed by computer experiments.

     

/

返回文章
返回