Comparative analysis of the complexity of the linearization and enumeration methods for solving systems of nonlinear boolean equations
DOI:
https://doi.org/10.18372/2410-7840.22.14662Keywords:
systems of nonlinear Boolean equations, algorithms for solving systems, linearization and enumeration methods, complexity of algorithms, statistical modeling, cryptanalysisAbstract
The problem of finding solutions to systems of multivariate nonlinear equations over finite algebraic structures and constructing efficient algorithms for their search is important for many applied problems in various fields, and the relevance of this problem increases over time. The security of many existing cryptosystems is based on the complexity of the problem of solving systems of multivariable nonlinear equations over finite fields. In general, this task is an -complete problem. But there are many cases where such systems can be solved by methods faster than the brute-force methods. Since choosing a method can significantly reduce the time and resources required to find system solutions, the questions of assessing the complexity of different methods of solutions for systems with different sets of parameters, as well as finding the special best performing methods for a particular classes of systems, naturally arise. The paper deals with the most important for cryptography and cryptanalysis systems of multivariate nonlinear equations over the finite field . The subject of the study is a comparative analysis of the complexity of the method of linearization with the introduction of new variables for solving systems of nonlinear equations over the field with many unknowns, and the method of complete enumeration, depending on the system parameters. The purpose of the work is obtaining average estimates of the complexity of the methods, and determining the boundary in the parameter space of the overdefined consistent system of equations, which makes it possible to choose the faster and more efficient method of the two considered. Probabilistic models for obtaining theoretical, asymptotic estimates of the average complexity of the methods, and for conducting a number of statistical experiments with obtaining the average estimates by the Monte Carlo method, are proposed. It is shown that there exists a boundary in the parameter space, depending on, first of all, the relation between the maximum degree of equations of the system and the number of unknowns, which determines when the linearization method works better than the complete enumeration. Theoretical and experimental data have been used to construct this boundary. The analytical expression for the separation line in the parameter space of the system was obtained by the least squares method.
References
А. Бабаш, Г. Шанкин, Криптография, М.: СОЛОН-Р, 2002, 512 с.
А. Кобзарь, Прикладная математическая статистика. Для инженеров и научных работников, М.: ФИЗМАТ-ЛИТ, 2006, 816 с.
И. Коваленко, А. Филиппова, Теория вероятностей и математическая статистика, 2-е изд., перераб. и доп. – М.:Высш.школа, 1982, 256 с.
В. Колчин, Случайные графы, М.: ФИЗМАТЛИТ, 2000, 256с.
M. Albrecht, C. Cid, J.-C. Faugère, L. Perret, On the relation between the mutant strategy and the normal selection strategy in gröbner basis algorithms, Eprint Report 2011/164, 2011.
G. Ars, J.-C. Faugère, H. Imai, M. Kawazoe, M. Sugita, "Comparison between xl and gröbner basis algorithms", In ASIACRYPT 2004, Lecture, pp. 338-353, 2004.
M. Bardet, J.-C. Faugère, B. Salvy, B.-Y. Yang, "Asymptotic behavior of the degree of regularity of semi-regular polynomial systems", In P. Gianni, editor, MEGA 2005, Sardinia (Italy), 2005.
N. Courtois, J. Pieprzyk, "Cryptanalysis of block ciphers with overdefined systems of equations", In Advances in Cryptology _ ASIA-CRYPT 2002, vol. 2501 of Lecture Notes in Computer Science, pp. 267-287, 2002.
N. Courtois, A. Klimov, J. Patarin, A. Shamirv, "Efficient algorithms for solving overdefined systems of multivariate polynomial equations", In Advances in Cryptology _ EUROCRYPT 2000, vol. 1807, pp. 392-407, 2000.
J.-C. Faugère, "A new e-cient algorithm for computing Gröbner bases without reduction to zero (F5)", In International Symposium on Symbolic and Algebraic Computation _ ISSAC 2002, pp. 75-83, 2002.
J.-C. Faugère, A. Joux, "Algebraic cryptanalysis of Hidden Field Equations (HFE) using Gröbner bases, In Advances in Cryptology _ CRYPTO 2003, vol. 2729, pp. 44-60, 2003.
J.-C. Faugère, "A new e-cient algorithm for computing Gröbner bases (F4)", Journal of Pure anNational Institute of Standards and Technologyd Applied Algebra, vol. 139, pp. 61-88, 1999.
J.-C. Faugère, A. Otmani, L. Perret, J.-P. Tillich, "Algebraic cryptanalysis of McEliece variants with compact keys", In EUROCRYPT, vol. 6110, pp. 279-298, 2010.
I.A. Ajwa, Z. Liu, P. S. Wang, "Grobner Bases Algorithm", ICM Technical Reports, 1995.
A. Kipnis, A. Shamir, "Cryptanalysis of the HFE public key cryptosystem", In Advances in Cryptology _ CRYPTO 1999, vol. 1666, pp. 19-30, 1999.
W.S.A. Mohamed, J. Ding, T. Kleinjung, S. Bulygin, J. Buchmann, "Pwxl: A parallel wiedemann-xl algorithm for solving polynomial equations over gf(2)", Proceedings of the 2nd International Conference on Symbolic Computation and Cryptography (SCC 2010), pp. 89-100, 2010.
Downloads
Published
Issue
Section
License
Authors who publish with this journal agree to the following terms:- Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).
