-
Improvements of Algebraic Attacks for solving the Rank Decoding and MinRank problems
Authors:
Magali Bardet,
Maxime Bros,
Daniel Cabarcas,
Philippe Gaborit,
Ray Perlner,
Daniel Smith-Tone,
Jean-Pierre Tillich,
Javier Verbel
Abstract:
Rank Decoding (RD) is the main underlying problem in rank-based cryptography. Based on this problem and quasi-cyclic versions of it, very efficient schemes have been proposed recently, such as those in the ROLLO and RQC submissions, which have reached the second round of the NIST Post-Quantum competition. Two main approaches have been studied to solve RD: combinatorial ones and algebraic ones. Whi…
▽ More
Rank Decoding (RD) is the main underlying problem in rank-based cryptography. Based on this problem and quasi-cyclic versions of it, very efficient schemes have been proposed recently, such as those in the ROLLO and RQC submissions, which have reached the second round of the NIST Post-Quantum competition. Two main approaches have been studied to solve RD: combinatorial ones and algebraic ones. While the former has been studied extensively, a better understanding of the latter was recently obtained by Bardet et al. (EUROCRYPT20) where it appeared that algebraic attacks can often be more efficient than combinatorial ones for cryptographic parameters. This paper gives substantial improvements upon this attack in terms both of complexity and of the assumptions required by the cryptanalysis. We present attacks for ROLLO-I-128, 192, and 256 with bit complexity respectively in 70, 86, and 158, to be compared to 117, 144, and 197 for the aforementionned previous attack. Moreover, unlike this previous attack, ours does not need generic Gröbner basis algorithms since it only requires to solve a linear system. For a case called overdetermined, this modeling allows us to avoid Gröbner basis computations by going directly to solving a linear system. For the other case, called underdetermined, we also improve the results from the previous attack by combining the Ourivski-Johansson modeling together with a new modeling for a generic MinRank instance; the latter modeling allows us to refine the analysis of MinRank's complexity given in the paper by Verbel et al. (PQC19). Finally, since the proposed parameters of ROLLO and RQC are completely broken by our new attack, we give examples of new parameters for ROLLO and RQC that make them resistant to our attacks. These new parameters show that these systems remain attractive, with a loss of only about 50\% in terms of key size for ROLLO-I.
△ Less
Submitted 9 February, 2021; v1 submitted 14 February, 2020;
originally announced February 2020.
-
On the degree of the polynomial defining a planar algebraic curves of constant width
Authors:
Magali Bardet,
Térence Bayen
Abstract:
In this paper, we consider a family of closed planar algebraic curves $\mathcal{C}$ which are given in parametrization form via a trigonometric polynomial $p$. When $\mathcal{C}$ is the boundary of a compact convex set, the polynomial $p$ represents the support function of this set. Our aim is to examine properties of the degree of the defining polynomial of this family of curves in terms of the d…
▽ More
In this paper, we consider a family of closed planar algebraic curves $\mathcal{C}$ which are given in parametrization form via a trigonometric polynomial $p$. When $\mathcal{C}$ is the boundary of a compact convex set, the polynomial $p$ represents the support function of this set. Our aim is to examine properties of the degree of the defining polynomial of this family of curves in terms of the degree of $p$. Thanks to the theory of elimination, we compute the total degree and the partial degrees of this polynomial, and we solve in addition a question raised by Rabinowitz in \cite{Rabi} on the lowest degree polynomial whose graph is a non-circular curve of constant width. Computations of partial degrees of the defining polynomial of algebraic surfaces of constant width are also provided in the same way.
△ Less
Submitted 16 December, 2013;
originally announced December 2013.
-
Complexity reduction of C-algorithm
Authors:
Magali Bardet,
Islam Boussaada
Abstract:
The C-Algorithm introduced in [Chouikha2007] is designed to determine isochronous centers for Lienard-type differential systems, in the general real analytic case. However, it has a large complexity that prevents computations, even in the quartic polynomial case.
The main result of this paper is an efficient algorithmic implementation of C-Algorithm, called ReCA (Reduced C-Algorithm). Moreover,…
▽ More
The C-Algorithm introduced in [Chouikha2007] is designed to determine isochronous centers for Lienard-type differential systems, in the general real analytic case. However, it has a large complexity that prevents computations, even in the quartic polynomial case.
The main result of this paper is an efficient algorithmic implementation of C-Algorithm, called ReCA (Reduced C-Algorithm). Moreover, an adapted version of it is proposed in the rational case. It is called RCA (Rational C-Algorithm) and is widely used in [BardetBoussaadaChouikhaStrelcyn2010] and [BoussaadaChouikhaStrelcyn2010] to find many new examples of isochronous centers for the Liénard type equation.
△ Less
Submitted 25 November, 2010; v1 submitted 21 July, 2010;
originally announced July 2010.
-
Isochronicity conditions for some planar polynomial systems II
Authors:
Magali Bardet,
Islam Boussaada,
A. Raouf Chouikha,
Jean-Marie Strelcyn
Abstract:
We study the isochronicity of centers at $O\in \mathbb{R}^2$ for systems $$\dot x=-y+A(x,y),\;\dot y=x+B(x,y),$$ where $A,\;B\in \mathbb{R}[x,y]$, which can be reduced to the Liénard type equation. When $deg(A)\leq 4$ and $deg(B) \leq 4$, using the so-called C-algorithm we found $36$ new families of isochronous centers. When the Urabe function $h=0$ we provide an explicit general formula for linea…
▽ More
We study the isochronicity of centers at $O\in \mathbb{R}^2$ for systems $$\dot x=-y+A(x,y),\;\dot y=x+B(x,y),$$ where $A,\;B\in \mathbb{R}[x,y]$, which can be reduced to the Liénard type equation. When $deg(A)\leq 4$ and $deg(B) \leq 4$, using the so-called C-algorithm we found $36$ new families of isochronous centers. When the Urabe function $h=0$ we provide an explicit general formula for linearization. This paper is a direct continuation of \cite{BoussaadaChouikhaStrelcyn2010} but can be read independantly.
△ Less
Submitted 5 November, 2010; v1 submitted 27 May, 2010;
originally announced May 2010.
