Improvements of Algebraic Attacks for solving the Rank Decoding and MinRank problems
| Title: | Improvements of Algebraic Attacks for solving the Rank Decoding and MinRank problems |
|---|---|
| Authors: | Bardet, Magali, Bros, Maxime, Cabarcas, Daniel, Gaborit, Philippe, Perlner, Ray, Smith-Tone, Daniel, Tillich, Jean-Pierre, Verbel, Javier |
| Contributors: | Equipe Combinatoire et algorithmes (CA - LITIS), Laboratoire d'Informatique, de Traitement de l'Information et des Systèmes (LITIS), Université Le Havre Normandie (ULH), Normandie Université (NU)-Normandie Université (NU)-Université de Rouen Normandie (UNIROUEN), Normandie Université (NU)-Institut national des sciences appliquées Rouen Normandie (INSA Rouen Normandie), Institut National des Sciences Appliquées (INSA)-Normandie Université (NU)-Institut National des Sciences Appliquées (INSA)-Université Le Havre Normandie (ULH), Institut National des Sciences Appliquées (INSA)-Normandie Université (NU)-Institut National des Sciences Appliquées (INSA), Cryptologie symétrique, cryptologie fondée sur les codes et information quantique (COSMIQ), Inria de Paris, Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National de Recherche en Informatique et en Automatique (Inria), Mathématiques & Sécurité de l'information (XLIM-MATHIS), XLIM (XLIM), Université de Limoges (UNILIM)-Centre National de la Recherche Scientifique (CNRS)-Université de Limoges (UNILIM)-Centre National de la Recherche Scientifique (CNRS), Universidad Nacional de Colombia Sede Medellín, National Institute of Standards and Technology Gaithersburg (NIST), University of Louisville. This work has been supported by the French ANR projects CBCRYPT (ANR-17-CE39-0007) and the MOUSTIC project with the support from the European Regional Development Fund (ERDF) and the Regional Council of Normandie. Javier Verbel was supported for this work by Colciencias scholarship 757 for PhD studies and the University of Louisville facilities. ANR-17-CE39-0007, CBCRYPT, Cryptographie basée sur les codes (2017) |
| Source: | https://hal.archives-ouvertes.fr/hal-02475356 ; 2021. |
| Publisher Information: | HAL CCSD |
| Publication Year: | 2021 |
| Collection: | Archive ouverte HAL (Hyper Article en Ligne, CCSD - Centre pour la Communication Scientifique Directe) |
| Subject Terms: | Post-quantum cryptography, Algebraic attack, Rank metric code-based cryptography, NIST-PQC candidates, [INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR], [MATH.MATH-AG]Mathematics [math]/Algebraic Geometry [math.AG] |
| Description: | In this paper, we show how to significantly improve algebraic techniques for solving the MinRank problem, which is ubiquitous in multivariate and rank metric code-based cryptography. In the case of the structured MinRank instances arising in the latter, we build upon a recent breakthrough [11] showing that algebraic attacks outperform the combinatorial ones that were considered state of the art up until now. Through a slight modification of this approach, we completely avoid Gröbner basis computations for certain parameters and are left only with solving linear systems. This not only substantially improves the complexity, but also gives a convincing argument as to why algebraic techniques work in this case. When used against the second round NIST-PQC candidates ROLLO-I-128/192/256, our new attack has bit complexity respectively 71, 87, and 151, to be compared to 117, 144, and 197 as obtained in [11]. The linear systems arise from the nullity of the maximal minors of a certain matrix associated to the algebraic modeling. We also use a similar approach to improve the algebraic MinRank solvers for the usual MinRank problem. When applied against the second round NIST-PQC candidates GeMSS and Rainbow, our attack has a complexity that is very close to or even slightly better than those of the best known attacks so far. Note that these latter attacks did not rely on MinRank techniques, since the MinRank approach used to give complexities that were far away from classical security levels. |
| Document Type: | report |
| Language: | English |
| Relation: | hal-02475356; https://hal.archives-ouvertes.fr/hal-02475356; https://hal.archives-ouvertes.fr/hal-02475356v4/document; https://hal.archives-ouvertes.fr/hal-02475356v4/file/articlev2.pdf |
| Availability: | https://hal.archives-ouvertes.fr/hal-02475356 https://hal.archives-ouvertes.fr/hal-02475356v4/document https://hal.archives-ouvertes.fr/hal-02475356v4/file/articlev2.pdf |
| Rights: | info:eu-repo/semantics/OpenAccess |
| Accession Number: | edsbas.1663884F |
| Database: | BASE |
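The description above takes the MinRank problem and the "nullity of minors" idea as given. The following added example (not code from the paper or its authors) spells out the problem on a toy instance: given matrices M_0, M_1, ..., M_k over F_p and a target rank r, find x with rank(M_0 + sum x_i M_i) <= r. It also checks the elementary fact that turns a rank condition into polynomial equations, namely that rank <= r holds exactly when every (r+1) x (r+1) minor vanishes. The field F_7, the 3 x 4 dimensions, the matrices and the planted solution are constructed toy values; the exhaustive search is only there to make the toy verifiable and is not the linear-algebra attack the paper describes.

```python
"""Toy MinRank instance over a prime field, solved by exhaustive search and
cross-checked against the vanishing of all (r+1)x(r+1) minors.

Added illustration of the MinRank problem, not the paper's attack. All
values below (field, dimensions, matrices, planted solution) are made up.
"""
from itertools import combinations, product

P = 7  # toy prime field F_7 (assumption; real instances use larger fields)


def rank_mod_p(mat, p=P):
    """Rank of an integer matrix over F_p via Gaussian elimination."""
    m = [[v % p for v in row] for row in mat]
    rows, cols = len(m), len(m[0])
    rank = 0
    for c in range(cols):
        pivot = next((i for i in range(rank, rows) if m[i][c]), None)
        if pivot is None:
            continue
        m[rank], m[pivot] = m[pivot], m[rank]
        inv = pow(m[rank][c], -1, p)            # modular inverse of the pivot
        m[rank] = [(v * inv) % p for v in m[rank]]
        for i in range(rows):
            if i != rank and m[i][c]:
                f = m[i][c]
                m[i] = [(a - f * b) % p for a, b in zip(m[i], m[rank])]
        rank += 1
    return rank


def det_mod_p(mat, p=P):
    """Determinant over F_p by cofactor expansion (fine for tiny minors)."""
    n = len(mat)
    if n == 1:
        return mat[0][0] % p
    total = 0
    for j in range(n):
        sub = [row[:j] + row[j + 1:] for row in mat[1:]]
        total += (-1) ** j * mat[0][j] * det_mod_p(sub, p)
    return total % p


def all_minors_vanish(mat, r, p=P):
    """True iff every (r+1)x(r+1) minor is 0 mod p, i.e. rank(mat) <= r."""
    rows, cols = len(mat), len(mat[0])
    if r + 1 > min(rows, cols):
        return True
    for rs in combinations(range(rows), r + 1):
        for cs in combinations(range(cols), r + 1):
            if det_mod_p([[mat[i][j] for j in cs] for i in rs], p):
                return False
    return True


def combine(m0, ms, x, p=P):
    """M(x) = M0 + sum_i x_i * M_i over F_p."""
    return [[(m0[i][j] + sum(xi * mi[i][j] for xi, mi in zip(x, ms))) % p
             for j in range(len(m0[0]))] for i in range(len(m0))]


def minrank_bruteforce(m0, ms, r, p=P):
    """Every x in F_p^k with rank(M(x)) <= r (exhaustive; toy sizes only)."""
    k = len(ms)
    return [x for x in product(range(p), repeat=k)
            if rank_mod_p(combine(m0, ms, x, p), p) <= r]


def minors_consistent(m0, ms, r, p=P):
    """Check that the minors test and the rank test agree for every x."""
    return all(all_minors_vanish(combine(m0, ms, x, p), r, p)
               == (rank_mod_p(combine(m0, ms, x, p), p) <= r)
               for x in product(range(p), repeat=len(ms)))


def toy_instance(p=P):
    """Plant a secret x* so that M(x*) = u * v^T has rank 1 (constructed)."""
    x_star = (3, 5)
    u, v = [1, 2, 4], [1, 3, 2, 6]
    low_rank = [[(ui * vj) % p for vj in v] for ui in u]   # rank-1 target
    m1 = [[1, 0, 2, 1], [0, 1, 1, 3], [2, 1, 0, 1]]
    m2 = [[0, 1, 1, 0], [1, 0, 0, 2], [1, 2, 1, 0]]
    # M0 = low_rank - x1*M1 - x2*M2, so that M0 + x1*M1 + x2*M2 = low_rank
    m0 = combine(low_rank, [m1, m2], [(-xi) % p for xi in x_star], p)
    return m0, [m1, m2], 1, x_star


if __name__ == "__main__":
    m0, ms, r, x_star = toy_instance()
    print("planted solution:", x_star)
    print("all x with rank(M(x)) <= %d:" % r, minrank_bruteforce(m0, ms, r))
    print("minors test agrees with rank test:", minors_consistent(m0, ms, r))
```

Each entry of M(x) is linear in x, so each (r+1)-minor is a polynomial of degree r+1 in the unknowns; the algebraic attacks the description refers to solve such systems rather than enumerate x, and the exhaustive loop here only serves to validate the toy. The minors check is also the right unit test for any MinRank solver: a candidate x is a solution exactly when `all_minors_vanish` accepts M(x).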