International Association for Cryptologic Research

International Association
for Cryptologic Research

CryptoDB

Equivalent Keys in HFE, C$^*$, and variations

Authors:
Christopher Wolf
Bart Preneel
Download:
URL: http://eprint.iacr.org/2004/360
Search ePrint
Search Google
Abstract: In this article, we investigate the question of equivalent keys for two $\mathcal{M}$ultivariate $\mathcal{Q}$uadratic public key schemes HFE and C$^{*--}$ and improve over a previously known result, to appear at PKC 2005. Moreover, we show a new non-trivial extension of these results to the classes HFE-, HFEv, HFEv-, and C$^{*--}$, which are cryptographically stronger variants of the original HFE and C$^*$ schemes. In particular, we are able to reduce the size of the private --- and hence the public --- key space by at least one order of magnitude. While the results are of independent interest themselves, we also see applications both in cryptanalysis and in memory efficient implementations.
BibTeX
@misc{eprint-2004-12323,
  title={Equivalent Keys in HFE, C$^*$, and variations},
  booktitle={IACR Eprint archive},
  keywords={public-key cryptography / Multivariate Quadratic Equations, Public Key signature, Hidden Field Equations, HFE, HFE-, HFEv, HFEv-, C$^*$, C$^{*--}$},
  url={http://eprint.iacr.org/2004/360},
  note={Proceedings of Mycrypt 2005, LNCS 3715, pages 33-49. Serge Vaudenay, editor, Springer, 2005. Christopher.Wolf@esat.kuleuven.ac.be 13004 received 16 Dec 2004, last revised 9 Aug 2005},
  author={Christopher Wolf and Bart Preneel},
  year=2004
}