Cryptanalysis of 2R− Schemes

Abstract: Abstract. In this paper, we study the security of 2R − schemes [17,18], which are the "minus variant" of two-round schemes. This variant consists in removing some of the n polynomials of the public key, and permits to thwart an attack described at Crypto'99 [25] against two-round schemes. Usually, the "minus variant" leads to a real strengthening of the considered schemes. We show here that this is actually not true for 2R − schemes. We indeed propose an efficient algorithm for decomposing 2R − schemes. For in… Show more

“…where t ∈ C [11]. Therefore, although we cannot generally find the construction of the anti-particle representation of this most general many-body quantum system at finite temperature, without considerable effort, we can easily identify that the basis functions which have no t in them will generate I ∩ (x 1 ), and in fact these elements form an exact Gröbner basis, as will now show.…”

“…However, clearly this approach is not very instructive for (10) since we are reducing the polynomial ring in (6) to a factor algebra where the grade projection is onto a trivial center, but for more subtle reasons, we now argue, neither is (11). Formally, the Clifford algebra Cl associates a quadratic form η to the associative algebra generated by the elements {Γ l }…”

“…Therefore, although we cannot generally find the construction of the anti-particle representation of this most general many-body quantum system at finite temperature, without considerable effort, we can easily identify that the basis functions which have no t in them will generate I ∩ (x 1 ), and in fact these elements form an exact Gröbner basis, as will now show. The key point is that although usually we want the representation of the braid group to be formed via a known algebra X (such as the Clifford algebra) and its twist Y (for a faithful representation of the fundamental group of the quantum system [8]), in (25), what we can see from the above is that it is more natural to braid the intersection between the primitive and maximal spectra of X, and X, as defined via the quotient ideal (I : J ) in (31), which in this case we would define via the specific ideal in (11). This generalises the notion of the anyon in (3) to an object which can be used to form an exact representation of the Braid group of a general many-body quantum system at finite-temperatures, even when the unitary representation of the fundamental group of the system defined in (3) is unfaithful.…”

“…However, more fundamentally, because the path weights associated with these anyons form a one-dimensional unitary representation of the fundamental group of the quantum system [7][8] (which in two physical dimensions forms a representation of the Braid group [9]), this frames the question as to whether in the broadest sense quantum systems are integrable, and have exact solutions. Specifically, the question we seek to address in this article is whether the above foundational approaches for quantum theory are restricted to systems which have an underlying Clifford algebra [9], as was the case with original cases considered for SO(3) and SO(2) [3] [8], or indeed are restricted to systems in which the Clifford group forms a stabilizer [6] or normalizer [10] of the fundamental group of the quantum system or, if in fact, there is a much more general prescription for constructing algebras for topological quantum computing, via Gröbner bases [11], which is more widely applicable for finite temperature systems.…”

Gröbner bases for finite-temperature quantum computing and their complexity

“…where t ∈ C [11]. Therefore, although we cannot generally find the construction of the anti-particle representation of this most general many-body quantum system at finite temperature, without considerable effort, we can easily identify that the basis functions which have no t in them will generate I ∩ (x 1 ), and in fact these elements form an exact Gröbner basis, as will now show.…”

“…However, clearly this approach is not very instructive for (10) since we are reducing the polynomial ring in (6) to a factor algebra where the grade projection is onto a trivial center, but for more subtle reasons, we now argue, neither is (11). Formally, the Clifford algebra Cl associates a quadratic form η to the associative algebra generated by the elements {Γ l }…”

“…Therefore, although we cannot generally find the construction of the anti-particle representation of this most general many-body quantum system at finite temperature, without considerable effort, we can easily identify that the basis functions which have no t in them will generate I ∩ (x 1 ), and in fact these elements form an exact Gröbner basis, as will now show. The key point is that although usually we want the representation of the braid group to be formed via a known algebra X (such as the Clifford algebra) and its twist Y (for a faithful representation of the fundamental group of the quantum system [8]), in (25), what we can see from the above is that it is more natural to braid the intersection between the primitive and maximal spectra of X, and X, as defined via the quotient ideal (I : J ) in (31), which in this case we would define via the specific ideal in (11). This generalises the notion of the anyon in (3) to an object which can be used to form an exact representation of the Braid group of a general many-body quantum system at finite-temperatures, even when the unitary representation of the fundamental group of the system defined in (3) is unfaithful.…”

“…However, more fundamentally, because the path weights associated with these anyons form a one-dimensional unitary representation of the fundamental group of the quantum system [7][8] (which in two physical dimensions forms a representation of the Braid group [9]), this frames the question as to whether in the broadest sense quantum systems are integrable, and have exact solutions. Specifically, the question we seek to address in this article is whether the above foundational approaches for quantum theory are restricted to systems which have an underlying Clifford algebra [9], as was the case with original cases considered for SO(3) and SO(2) [3] [8], or indeed are restricted to systems in which the Clifford group forms a stabilizer [6] or normalizer [10] of the fundamental group of the quantum system or, if in fact, there is a much more general prescription for constructing algebras for topological quantum computing, via Gröbner bases [11], which is more widely applicable for finite temperature systems.…”

Gröbner bases for finite-temperature quantum computing and their complexity

“…Most of them deal with quadratic polynomials [5,18,19,21,26], and some of them deal with polynomials of degree greater than two [6,10,12,22,32]. In symmetric cryptography, Berbain et al proposed QUAD, which is a stream cipher with provable security based on the MQ problem [5].…”

Public-Key Identification Schemes Based on Multivariate Cubic Polynomials

Cryptanalysis of the TRMS Signature Scheme of PKC’05