Sciweavers

ACISP
2004
Springer

Theoretical Analysis of XL over Small Fields

14 years 5 months ago
Theoretical Analysis of XL over Small Fields
Abstract. XL was first introduced to solve determined or overdetermined systems of equations over a finite field as an “algebraic attack” against multivariate cryptosystems. There has been a steady stream of announcements of cryptanalysis of primitives by such attacks, including stream ciphers (e.g. Toyocrypt), PKC’s, and more controversially block ciphers (AES/Rijndael and Serpent). Prior discussions of XL are usually heavy in simulations, which are of course valuable but we would like more attention to theory, because theory and simulations must validate each other, and there are some nuances not easily discerned from simulations. More effort was made in this direction of recent, but much of it was restricted to a large base field of size ¤ , which is usually equal to ¥ ¦ . By conducting an analysis of XL variants in general, we try to derive rigorous “termination conditions”, minimal degree requirements for reliable, successful operation of XL and its relatives, hen...
Bo-Yin Yang, Jiun-Ming Chen
Added 30 Jun 2010
Updated 30 Jun 2010
Type Conference
Year 2004
Where ACISP
Authors Bo-Yin Yang, Jiun-Ming Chen
Comments (0)