The XL-Algorithm and a Conjecture from Commutative Algebra
ADVANCES IN CRYPTOLOGY - ASIACRYPT 2004, PROCEEDINGS (2004)
Abstract
The "XL-algorithm" is a computational method to solve overdetermined systems of polynomial equations which is based on a generalization of the well-known method of linearization; it was introduced to cryptology at Eurocrypt 2000. In this paper, we prove upper bounds on the dimensions of the spaces of equations in the XL-algorithm. These upper bounds provide strong evidence that for any fixed finite field K and any fixed c ∈ ℕ the median of the running times of the original XL-algorithm applied to systems of m = n+c quadratic equations in n variables over K which have a solution in K is not subexponential in n. In contrast to this, in the introduction of the original paper on XL, the authors claimed to "provide strong theoretical and practical evidence that the expected running time of this technique is [...] subexponential if m exceeds n by a small number". More precise upper bounds on the dimensions of the spaces of equations in the XL-algorithm can be obtained if one assumes a standard conjecture from commutative algebra. We state the conjecture and discuss implications on the XL-algorithm.
Keywords
cryptanalysis, algebraic attacks, overdetermined systems of polynomial equations, extended linearization, Froberg's conjecture
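To make "the dimensions of the spaces of equations" concrete, the following added example (not code from the paper or its authors) builds the XL equation space for a small system and measures its rank against the number of monomials. Assumptions: K = GF(2) with no field equations, a constructed random system with a planted solution, degree bound D with multipliers of degree at most D-2, and hypothetical function names.

```python
import random
from itertools import combinations_with_replacement
from math import comb

def monomials(n, d):
    """Monomials of degree <= d in n variables, as sorted tuples of variable indices."""
    return [m for k in range(d + 1) for m in combinations_with_replacement(range(n), k)]

def random_system(n, m, rng):
    """m random quadratic polynomials over GF(2) with a common planted root (constructed input)."""
    root = [rng.randrange(2) for _ in range(n)]
    polys = []
    for _ in range(m):
        p = {mon for mon in monomials(n, 2) if mon and rng.randrange(2)}
        if sum(all(root[i] for i in mon) for mon in p) % 2:
            p.add(())            # set the constant term so that p(root) = 0
        polys.append(p)
    return polys, root

def xl_rank(polys, n, D):
    """Rank of the span of all u*f with f in polys and u a monomial of degree <= D-2."""
    index = {mon: i for i, mon in enumerate(monomials(n, D))}
    rows = []
    for f in polys:
        for u in monomials(n, D - 2):
            row = 0
            for mon in f:        # multiply monomials by merging their index tuples
                row ^= 1 << index[tuple(sorted(u + mon))]
            rows.append(row)
    pivots = {}                  # GF(2) Gaussian elimination on bitmask rows
    for row in rows:
        while row:
            top = row.bit_length() - 1
            if top not in pivots:
                pivots[top] = row
                break
            row ^= pivots[top]
    return len(pivots), len(rows)

def dimension_table(n=5, c=2, max_D=4, seed=1):
    """Rows (D, generated equations, rank, number of monomials) for m = n + c equations."""
    polys, _ = random_system(n, n + c, random.Random(seed))
    table = []
    for D in range(2, max_D + 1):
        rank, nrows = xl_rank(polys, n, D)
        table.append((D, nrows, rank, comb(n + D, D)))
    return table

if __name__ == "__main__":
    for D, nrows, rank, T in dimension_table():
        print(f"D={D}: {nrows} equations, rank {rank}, {T} monomials")
```

Because every generated equation vanishes at the planted root, the rank can never reach the full monomial count; linearization only becomes useful once the gap between the two is small.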