An estimate of the complexity of the section finding problem on algebraic surfaces

Shinya Okumura, Koichiro Akiyama, Tsuyoshi Takagi

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Researching post-quantum cryptography has been an important task in cryptography. The section finding problem on algebraic surfaces (AS-SFP) is considered to be intractable also after building quantum computers. Thus AS-SFP is used as a basis of the security of the Algebraic Surface Cryptosystem (ASC), which is a candidate of post-quantum cryptosystems, and it is important for designing parameters which make ASC secure to estimate the complexity of AS-SFP. Solving AS-SFP is reduced to solving certain multivariate equation systems (section equation systems) of high degrees, and one can solve such equation systems by using the Gröbner basis technique. Although estimating the complexity of computing a Gröbner basis associated with an equation system is difficult in general, it becomes easy if the equation system is semi-regular. In this paper, we experimentally estimate the complexity of AS-SFP. From our experimental results, although we see that section equation systems do not become semi-regular in most cases for small parameters, we can infer parameters closely related to the difficulty of computing Gröbner bases associated with section equation systems. According to our inference, we estimate the complexity of AS-SFP and parameters which make ASC 128-bit security against the attack by the Gröbner basis technique. We also consider a brute-force attack against ASSFP and conjecture that the brute-force attack is more efficient than the attack by the Gröbner basis technique. Finally, we estimate parameters and sizes of public keys such that ASC has 128-bit security against the brute-force attack. Its size (876 bits) is much smaller than sizes of public keys in other efficient candidates of PQC.

Original languageEnglish
Title of host publicationProceedings - 2016 4th International Symposium on Computing and Networking, CANDAR 2016
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages28-36
Number of pages9
ISBN (Electronic)9781509026555
DOIs
Publication statusPublished - Jan 13 2017
Event4th International Symposium on Computing and Networking, CANDAR 2016 - Hiroshima, Japan
Duration: Nov 22 2016Nov 25 2016

Publication series

NameProceedings - 2016 4th International Symposium on Computing and Networking, CANDAR 2016

Other

Other4th International Symposium on Computing and Networking, CANDAR 2016
CountryJapan
CityHiroshima
Period11/22/1611/25/16

Fingerprint

Cryptography
Quantum cryptography
Quantum computers

All Science Journal Classification (ASJC) codes

  • Computer Science Applications
  • Hardware and Architecture
  • Signal Processing
  • Computer Networks and Communications

Cite this

Okumura, S., Akiyama, K., & Takagi, T. (2017). An estimate of the complexity of the section finding problem on algebraic surfaces. In Proceedings - 2016 4th International Symposium on Computing and Networking, CANDAR 2016 (pp. 28-36). [7818591] (Proceedings - 2016 4th International Symposium on Computing and Networking, CANDAR 2016). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/CANDAR.2016.51

An estimate of the complexity of the section finding problem on algebraic surfaces. / Okumura, Shinya; Akiyama, Koichiro; Takagi, Tsuyoshi.

Proceedings - 2016 4th International Symposium on Computing and Networking, CANDAR 2016. Institute of Electrical and Electronics Engineers Inc., 2017. p. 28-36 7818591 (Proceedings - 2016 4th International Symposium on Computing and Networking, CANDAR 2016).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Okumura, S, Akiyama, K & Takagi, T 2017, An estimate of the complexity of the section finding problem on algebraic surfaces. in Proceedings - 2016 4th International Symposium on Computing and Networking, CANDAR 2016., 7818591, Proceedings - 2016 4th International Symposium on Computing and Networking, CANDAR 2016, Institute of Electrical and Electronics Engineers Inc., pp. 28-36, 4th International Symposium on Computing and Networking, CANDAR 2016, Hiroshima, Japan, 11/22/16. https://doi.org/10.1109/CANDAR.2016.51
Okumura S, Akiyama K, Takagi T. An estimate of the complexity of the section finding problem on algebraic surfaces. In Proceedings - 2016 4th International Symposium on Computing and Networking, CANDAR 2016. Institute of Electrical and Electronics Engineers Inc. 2017. p. 28-36. 7818591. (Proceedings - 2016 4th International Symposium on Computing and Networking, CANDAR 2016). https://doi.org/10.1109/CANDAR.2016.51
Okumura, Shinya ; Akiyama, Koichiro ; Takagi, Tsuyoshi. / An estimate of the complexity of the section finding problem on algebraic surfaces. Proceedings - 2016 4th International Symposium on Computing and Networking, CANDAR 2016. Institute of Electrical and Electronics Engineers Inc., 2017. pp. 28-36 (Proceedings - 2016 4th International Symposium on Computing and Networking, CANDAR 2016).
@inproceedings{0fad1b57ffdf4c37885bd6a8c8737d59,
title = "An estimate of the complexity of the section finding problem on algebraic surfaces",
abstract = "Researching post-quantum cryptography has been an important task in cryptography. The section finding problem on algebraic surfaces (AS-SFP) is considered to be intractable also after building quantum computers. Thus AS-SFP is used as a basis of the security of the Algebraic Surface Cryptosystem (ASC), which is a candidate of post-quantum cryptosystems, and it is important for designing parameters which make ASC secure to estimate the complexity of AS-SFP. Solving AS-SFP is reduced to solving certain multivariate equation systems (section equation systems) of high degrees, and one can solve such equation systems by using the Gr{\"o}bner basis technique. Although estimating the complexity of computing a Gr{\"o}bner basis associated with an equation system is difficult in general, it becomes easy if the equation system is semi-regular. In this paper, we experimentally estimate the complexity of AS-SFP. From our experimental results, although we see that section equation systems do not become semi-regular in most cases for small parameters, we can infer parameters closely related to the difficulty of computing Gr{\"o}bner bases associated with section equation systems. According to our inference, we estimate the complexity of AS-SFP and parameters which make ASC 128-bit security against the attack by the Gr{\"o}bner basis technique. We also consider a brute-force attack against ASSFP and conjecture that the brute-force attack is more efficient than the attack by the Gr{\"o}bner basis technique. Finally, we estimate parameters and sizes of public keys such that ASC has 128-bit security against the brute-force attack. Its size (876 bits) is much smaller than sizes of public keys in other efficient candidates of PQC.",
author = "Shinya Okumura and Koichiro Akiyama and Tsuyoshi Takagi",
year = "2017",
month = "1",
day = "13",
doi = "10.1109/CANDAR.2016.51",
language = "English",
series = "Proceedings - 2016 4th International Symposium on Computing and Networking, CANDAR 2016",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
pages = "28--36",
booktitle = "Proceedings - 2016 4th International Symposium on Computing and Networking, CANDAR 2016",
address = "United States",

}

TY - GEN

T1 - An estimate of the complexity of the section finding problem on algebraic surfaces

AU - Okumura, Shinya

AU - Akiyama, Koichiro

AU - Takagi, Tsuyoshi

PY - 2017/1/13

Y1 - 2017/1/13

N2 - Researching post-quantum cryptography has been an important task in cryptography. The section finding problem on algebraic surfaces (AS-SFP) is considered to be intractable also after building quantum computers. Thus AS-SFP is used as a basis of the security of the Algebraic Surface Cryptosystem (ASC), which is a candidate of post-quantum cryptosystems, and it is important for designing parameters which make ASC secure to estimate the complexity of AS-SFP. Solving AS-SFP is reduced to solving certain multivariate equation systems (section equation systems) of high degrees, and one can solve such equation systems by using the Gröbner basis technique. Although estimating the complexity of computing a Gröbner basis associated with an equation system is difficult in general, it becomes easy if the equation system is semi-regular. In this paper, we experimentally estimate the complexity of AS-SFP. From our experimental results, although we see that section equation systems do not become semi-regular in most cases for small parameters, we can infer parameters closely related to the difficulty of computing Gröbner bases associated with section equation systems. According to our inference, we estimate the complexity of AS-SFP and parameters which make ASC 128-bit security against the attack by the Gröbner basis technique. We also consider a brute-force attack against ASSFP and conjecture that the brute-force attack is more efficient than the attack by the Gröbner basis technique. Finally, we estimate parameters and sizes of public keys such that ASC has 128-bit security against the brute-force attack. Its size (876 bits) is much smaller than sizes of public keys in other efficient candidates of PQC.

AB - Researching post-quantum cryptography has been an important task in cryptography. The section finding problem on algebraic surfaces (AS-SFP) is considered to be intractable also after building quantum computers. Thus AS-SFP is used as a basis of the security of the Algebraic Surface Cryptosystem (ASC), which is a candidate of post-quantum cryptosystems, and it is important for designing parameters which make ASC secure to estimate the complexity of AS-SFP. Solving AS-SFP is reduced to solving certain multivariate equation systems (section equation systems) of high degrees, and one can solve such equation systems by using the Gröbner basis technique. Although estimating the complexity of computing a Gröbner basis associated with an equation system is difficult in general, it becomes easy if the equation system is semi-regular. In this paper, we experimentally estimate the complexity of AS-SFP. From our experimental results, although we see that section equation systems do not become semi-regular in most cases for small parameters, we can infer parameters closely related to the difficulty of computing Gröbner bases associated with section equation systems. According to our inference, we estimate the complexity of AS-SFP and parameters which make ASC 128-bit security against the attack by the Gröbner basis technique. We also consider a brute-force attack against ASSFP and conjecture that the brute-force attack is more efficient than the attack by the Gröbner basis technique. Finally, we estimate parameters and sizes of public keys such that ASC has 128-bit security against the brute-force attack. Its size (876 bits) is much smaller than sizes of public keys in other efficient candidates of PQC.

UR - http://www.scopus.com/inward/record.url?scp=85015169906&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85015169906&partnerID=8YFLogxK

U2 - 10.1109/CANDAR.2016.51

DO - 10.1109/CANDAR.2016.51

M3 - Conference contribution

AN - SCOPUS:85015169906

T3 - Proceedings - 2016 4th International Symposium on Computing and Networking, CANDAR 2016

SP - 28

EP - 36

BT - Proceedings - 2016 4th International Symposium on Computing and Networking, CANDAR 2016

PB - Institute of Electrical and Electronics Engineers Inc.

ER -