General fault attacks on multivariate public key cryptosystems
It is well known that the problem to solve a set of randomly chosen multivariate quadratic equations over a finite field is NP-hard. However, when the number of variables is much larger than the number of equations, it is not necessarily difficult to solve equations. In fact, when n ≥ m(m+1) (n, m are the numbers of variables and equations respectively) and… (More)
In IMACC 2015 and Inscrypt 2015, Zhang and Tan proposed new vinegar-like variants of multivariate signature schemes. While their aims were to enhance the security of broken schemes, the security is much less than expected. In this note, we describe how to recover a public key of the original scheme.
The simple matrix encryption scheme (Tao-Diene-Tang-Ding, PQCrypto 2013) has a problem of decryption failures. Quite recently, Petzoldt-Ding-Wang (http://eprint.iacr. org/2016/010) proposed a new version of this scheme called the tensor simple matrix encryption scheme to remove decryption failures by using a tensor product of two small matrices as its… (More)
The unbalanced oil and vinegar signature scheme (UOV) is one of signature schemes whose public key is a set of multivariate quadratic forms. Recently, a new variant of UOV called Cubic UOV was proposed at Inscrypt 2015. It was claimed that the cubic UOV was more efficient than the original UOV and its security was enough. However, an equivalent secret key… (More)
Multi-HFE (Chen et al., 2009) is one of cryptosystems whose public key is a set of multivariate quadratic forms over a finite field. Its quadratic forms are constructed by a set of multivariate quadratic forms over an extension field. Recently, Bettale et al. (2013) have studied the security of HFE and multi-HFE against the min-rank attack and found that… (More)