Abstract
A Zero-knowledge protocol provides provably secure entity authentication based on a hard computational problem. Among many schemes proposed since 1984, the most practical rely on factoring and discrete log, but still they are practical schemes based on NP-hard problems. Among them, the problem SD of decoding linear codes is in spite of some 30y ears of research effort, still exponential. We study a more general problem called MinRank that generalizes SD and contains also other well known hard problems. MinRank is also used in cryptanalysis of several public key cryptosystems such as birational schemes (Crypto’93), HFE (Crypto’99), GPT cryptosystem (Eurocrypt’91), TTM (Asiacrypt’2000) and Chen’s authentication scheme (1996).
We propose a new Zero-knowledge scheme based on MinRank. We prove it to be Zero-knowledge by black-box simulation. An adversary able to fraud for a given MinRank instance is either able to solve it, or is able to compute a collision on a given hash function.
MinRank is one of the most efficient schemes based on NP-complete problems. It can be used to prove in Zero-knowledge a solution to any problem described by multivariate equations. We also present a version with a public key shared by a few users, that allows anonymous group signatures (a.k.a. ring signatures).
The work described in this paper has been supported by the French Ministry of Research under RNRT Project “Turbo-signatures”.
Chapter PDF
Similar content being viewed by others
Keywords
References
Alexander Barg: Handbook of coding theory, Chapter 7: Complexity Issues in Coding Theory; North Holland, 1999.
E.R. Berlekamp, R.J. McEliece, H.C.A. van Tilborg: On the inherent intractability of certain coding problems; IEE Trans. Inf. Th., IT-24(3), pp. 384–386, May 1978.
Anne Canteaut, Florent Chabaud: A newalgorithm for finding minimum-weight words in a linear code: application to McEliece’s cryptosystem and to BCH Codes of length 511
Kefei Chen: A new identification algorithm. Cryptography Policy and algorithms conference, vol. 1029, LNCS, Springer-Verlag, 1996.
Amos Fiat, Adi. Shamir: Howto prove yourself: Practical solutions to identification and signature problems. In Advances in Cryptology, Crypto’ 86, pp. 186–194, Springer-Verlag, 1987.
Don Coppersmith, Jacques Stern, Serge Vaudenay: Attacks on the birational permutation signature schemes; Crypto 93, Springer-Verlag, pp. 435–443.
Don Coppersmith, Jacques Stern, Serge Vaudenay, The Security of the Birational Permutation Signature Schemes, in Journal of Cryptology, 10(3), pp. 207–221, 1997.
Nicolas Courtois: The security of Hidden Field Equations (HFE); Cryptographers’ Track Rsa Conference 2001, San Francisco 8–12 April 2001, LNCS2020, Springer-Verlag.
Nicolas Courtois: The security of cryptographic primitives based on multivariate algebraic problems: MQ, MinRank, IP, HFE; PhD thesis, September 25th 2001, Paris 6 University, France. Mostly in French. Available at http://www.minrank.org/phd.pdf
Nicolas Courtois and Ernst M. Gabidulin.: Security of cryptographic schemes based on rank problems; work in progress.
Ronald Cramer, Ivan Damgård: Zero-Knowledge Proofs for Finite Field Arithmetic or: Can Zero-Knowledge be for Free? Crypto’98, LNCS 1642, pp. 424–441, Springer Verlag. See http://www.brics.dk/RS/97/27/
Ernst M. Gabidulin. Theory of codes with maximum rank distance. Problems of Information Transmission, 21:1–12, 1985.
Ernst M. Gabidulin, A. V. Paramonov, O. V. Tretjakov: Ideals over a Non-Commutative Ring and their Applications in Cryptology. Eurocrypt 1991, pp. 482–489.
Ernst M. Gabidulin, Alexei V. Ourivski: Modified GPT PKC with Right Scrambler. WCC 2001, Paris, France, Daniel Augot and Claude Carlet Editor.
Marc Girault: A (non-practical) three pass identification protocol using coding theory; Advances in cryptology, AusCrypt’90, LNCS 453, pp. 265–272.
Oded Goldreich, Y. Oren. Definitions and properties of Zero-knowledge proof systems. Journal of Cryptology 1994, vol.7, no.1, pp.1–32.
S. Goldwasser, S. Micali and C. Racko., The knowledge Complexity of interactive proof systems; SIAM Journal of computing, 1997, Vol. 6, No.1, pp.84.
Louis Goubin, Nicolas Courtois Cryptanalysis of the TTM Cryptosystem; Advances of Cryptology, Asiacrypt’2000, 3–9 December 2000, Kyoto, Japan, Springer-Verlag.
Sami Harari. A newauthen tication algorithm. In Coding Theory and Applications, volume 388, pp.204–211, LNCS, 1989.
P. J. Lee and E. F. Brickell. An observation on the security of McEliece’s public-key cryptosystem; In Advances in Cryptology, Eurocrypt’88, LNCS 330, pp. 275–280. Springer-Verlag, 1988.
R.J. McEliece: A public key cryptosystem based on algebraic coding theory; DSN Progress Report42-44, Jet Propulsion Laboratory, 1978, pp. 114–116.
Jeffrey O. Shallit, Gudmund S. Frandsen, Jonathan F. Buss: The Computational Complexity of Some Problems of Linear Algebra problems, BRICS series report, Aaarhus, Denmark, RS-96-33, available on the net http://www.brics.dk/RS/96/33/.
Jacques Patarin: Hidden Fields Equations (HFE) and Isomorphisms of Polynomials (IP): two new families of Asymmetric Algorithms; Eurocrypt’96, Springer Verlag, pp. 33–48.
Jacques Patarin, Louis Goubin, Nicolas Courtois: Quartz, 128-bit long digital signatures; Cryptographers’ Track Rsa Conference 2001, San Francisco 8–12 April 2001, LNCS2020, Springer-Verlag.
Jacques Patarin, Louis Goubin, Nicolas Courtois, + papers of Eli Biham, Aviad Kipnis, T. T. Moh, et al.: Asymmetric Cryptography with Multivariate Polynomials over a Small Finite Field; known as ‘orange script’, compilation of papers with added material. Available from JPatarin@slb.com.
David Pointcheval: A new Identification Scheme Based on the Perceptrons Problem; In Advances in Cryptology, Proceedings of Eurocrypt’95, LNCS 921, pp.319–328, Springer-Verlag.
David Pointcheval: Les preuves de connaissance et leurs preuves de sécurité, PhD thesis, December 1996, Caen University, France.
Ronald R. Rivest, Adi Shamir and Yael Tauman: Howto leak a secret; Asiacrypt 2001, LNCS, Springer-Verlag.
Adi Shamir: Efficient signature schemes based on birational permutations; Crypto’93, Springer-Verlag, pp. 1–12.
Adi Shamir: An efficient Identification Scheme Based on Permuted Kernels, In Advances in Cryptology, Crypto’89, LNCS 435, pp.606–609, Springer-Verlag.
Adi Shamir, Aviad Kipnis: Cryptanalysis of the HFE Public Key Cryptosystem; In Advances in Cryptology, Proceedings of Crypto’99, Springer-Verlag, LNCS.
Nicolas Courtois, Adi Shamir, Jacques Patarin, Alexander Klimov, Efficient Algorithms for solving Overdefined Systems of Multivariate Polynomial Equations, Eurocrypt’2000, LNCS 1807, Springer-Verlag, pp. 392–407.
Jacques Stern: A new identification scheme based on syndrome decoding; Crypto’93, LNCS 773, pp.13–21, Springer-Verlag.
Jacques Stern: Designing identification schemes with keys of short size; In Advances in Cryptology, Proceedings of Crypto’94, LNCS 839, pp.164–73, Springer-Verlag.
Jacques Stern: A method for finding codewords of small weight; Coding Theory and Applications, LNCS 434, pp.173–180, Springer-Verlag.
Jacques Stern, Florent Chabaud: The cryptographic security of the syndrome decoding problem for rank distance codes. In Advances in Cryptology, Asiacrypt’96, LNCS 1163, pp. 368–381, Springer-Verlag.
L.G. Valiant: Completeness classes in algebra. In Proc. Eleventh Ann. ACM Symp. Theor. Comp., pp. 249–261, 1979.
Alexander Vardy: The intractability of computing the minimum distance of a code; IEEE Transactions on Information Theory, Nov 1997, Vol.43, No. 6; pp. 1757–1766.
Pascal Véron, Problème SD, Opérateur Trace, Schémas d’Identification et Codes de Goppa; PhD thesis in french, Toulon University, France, july 1995.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2001 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Courtois, N.T. (2001). Efficient Zero-Knowledge Authentication Based on a Linear Algebra Problem MinRank. In: Boyd, C. (eds) Advances in Cryptology — ASIACRYPT 2001. ASIACRYPT 2001. Lecture Notes in Computer Science, vol 2248. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45682-1_24
Download citation
DOI: https://doi.org/10.1007/3-540-45682-1_24
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-42987-6
Online ISBN: 978-3-540-45682-7
eBook Packages: Springer Book Archive