• Publications
  • Influence
Hidden Fields Equations (HFE) and Isomorphisms of Polynomials (IP): Two New Families of Asymmetric Algorithms
Two new families of Asymmetric Algorithms that so far have resisted all attacks, if properly used: Hidden Field Equations (HFE) and Isomorphism of Polynomials (IP) are presented.
Efficient Algorithms for Solving Overdefined Systems of Multivariate Polynomial Equations
It is provided strong evidence that relinearization and XL can solve randomly generated systems of polynomial equations in subexponential time when m exceeds n by a number that increases slowly with n.
Unbalanced Oil and Vinegar Signature Schemes
It is shown that (in characteristic 2) when v ≥ n2, finding a solution is generally easy and it is very easy to combine the Oil and Vinegar idea and the HFE schemes of [14], and the resulting scheme, called HFEV, looks at the present also very interesting both from a practical and theoretical point of view.
Cryptanalysis of the Matsumoto and Imai Public Key Scheme of Eurocrypt'88
It is seen that for almost all the keys almost each cleartext can be found from his ciphertext after only about m2n4 log n computations where m is the degree of the field K chosen, and where mn is the number of bits of the text.
DES and Differential Power Analysis (The "Duplication" Method)
It is shown that it is possible to build an implementation that is provably DPA-resistant, in a "local" and restricted way (i.e. when - given a chip with a fixed key - the attacker only tries to detect predictable local deviations in the differentials of mean curves).
Hidden Field Equations (hfe) and Isomorphisms of Polynomials (ip): Two New Families of Asymmetric Algorithms -extended Version
In 11] T. Matsumoto and H. Imai described a new asymmetric algorithm based on multivariate polynomials of degree two over a nite eld. Then in 14] this algorithm was broken. The aim of this paper is
Low-Exponent RSA with Related Messages
A new class of attacks against RSA with low encrypting exponent is presented, enabling the recovery of plaintext messages from their ciphertexts and a known polynomial relationship among the messages, provided that the cipher Texts were created using the same RSA public key with low encryption exponent.
QUAD: A Practical Stream Cipher with Provable Security
We introduce a practical stream cipher with provable security named QUAD. The cipher relies on the iteration of a multivariate quadratic system of m equations in n < m unknowns over a finite field.
GeMSS: A Great Multivariate Short Signature
The purpose of this document is to present GeMSS : a Great Multivariate Signature Scheme, a multivariate-based signature scheme producing small signatures and a fast verification process, and a medium/large public-key.
The "Coefficients H" Technique
  • Jacques Patarin
  • Mathematics, Computer Science
    Selected Areas in Cryptography
  • 23 August 2009
The "coefficient H technique" is a tool used to prove various pseudo-random properties from the distribution of the number of keys that sends cleartext on some ciphertext and it can be used to find attacks on cryptographic designs.