MQ公钥密码体制等价密钥分析

J4 ›› 2009, Vol. 36 ›› Issue (3): 428-432.

MQ公钥密码体制等价密钥分析

王鑫¹;孙晨²;王新梅¹

(1. 西安电子科技大学综合业务网理论及关键技术国家重点实验室，陕西西安 710071;
2. 空军工程大学导弹学院，陕西三原 713800)

收稿日期:2008-04-16 修回日期:2008-06-02 出版日期:2009-06-20 发布日期:2009-07-04
通讯作者: 王鑫
基金资助:
国家自然科学基金(90604009;60503010);省级.省部级基金

Equivalent keys of multivariate quadratic public key cryptosystem

WANG Xin¹;SUN Chen²;WANG Xin-mei¹

(1. State Key Lab. of Integrated Service Networks, Xidian Univ., Xi'an 710071， China;
2. Missile Inst. of Airforce Eng. Univ., Sanyuan 713800， China)

Received:2008-04-16 Revised:2008-06-02 Online:2009-06-20 Published:2009-07-04
Contact: WANG Xin

摘要/Abstract

摘要：

MQ公钥密码体制存在多个私钥对应同一个公钥的问题．应用高斯不变算子对私钥空间进行等价分类，给出了任一私钥的等价类中所含元素的个数与明密文分量之间的关系式.该式表明，对任一公钥有指数级个私钥与之对应，从而使私钥(进而公钥)空间大量减少．同时，还给出了私钥的仿射结构的标准形，该形式具有稀疏性，从而能够有效地减少计算量，提高存储效率．最后，以R-SE(2)签名体制为例，分析了分层结构对体制安全性的影响．

关键词: 多变量公钥密码, 代数分析, 等价密钥, 高斯不变算子, R-SE(2)

Abstract:

The multivariate quandratic cryptosystem has the problem that many superflous private keys correspond to the same public key. By applying the Gauss Sustainer, the private key space is partitioned into equivalence classes. And then, a relationship between the number of elements in any equivalence private key class and plaintext (ciphertext) is established. This formula shows the number of private keys corresponding to any given public key is exponential. Hence, the private (further the public) key space is reduced greatly. Moreover, the normal form of affine transformations of the private key is derived. It has the sparse characteristic, which will reduce computing complexity and improve the storage efficiency. Finally, the R-SE(2) public key signature scheme is taken for an example, and the security performance of this scheme affected by the step-structure is analyzed.

Key words: multivariate public key cryptosystem, algebraic cryptanalysis, equivalent keys, Gauss sustainer, R-SE(2)

中图分类号:

TN918.1

王鑫1;孙晨2;王新梅1. MQ公钥密码体制等价密钥分析[J]. J4, 2009, 36(3): 428-432.

WANG Xin1;SUN Chen2;WANG Xin-mei1. Equivalent keys of multivariate quadratic public key cryptosystem[J]. J4, 2009, 36(3): 428-432.

[1]	罗芳;周学广;欧庆于. 对LBlock算法的多重零相关线性分析[J]. J4, 2014, 41(5): 173-179.
[2]	刘景美;王延丽;梁斌;赵森林. 相关准循环码字集方法攻击McEliece密码体制[J]. J4, 2014, 41(2): 15-19+50.
[3]	赵永斌;胡予濮;贾艳艳. 一种抵抗能量攻击的线性反馈移位寄存器[J]. J4, 2013, 40(3): 172-179+200.
[4]	孙瑾;胡予濮. 完全安全的基于属性的广播加密方案[J]. J4, 2012, 39(4): 23-28+154.
[5]	肖鹤玲;蔡宁;王骁. 量子LDPC码在量子密钥分配中的应用[J]. J4, 2012, 39(2): 8-11+23.
[6]	刘福运;肖鸿;肖国镇. 一种代数正规形快速变换的零化子算法[J]. J4, 2009, 36(5): 890-895.
[7]	李雪莲;胡予濮. 对具有高代数免疫度布尔函数的新型代数攻击[J]. J4, 2009, 36(4): 702-707.
[8]	张串绒;张玉清. 可证明安全签密方案及其混合结构[J]. J4, 2009, 36(4): 756-760.