Mitsuru Kawazoe

Comparison between XL and Gröbner basis algorithms

This paper compares the XL algorithm with known Grobner basis algorithms. We show that to solve a system of algebraic equations via the XL algorithm is equivalent to calculate the reduced Grobner basis of the ideal associated with the system. Moreover we show that the XL algorithm is also a Grobner basis algorithm which can be represented as a redundant variant of a Grobner basis algorithm F 4. Then we compare these algorithms on semi-regular sequences, which correspond, in conjecture, to almost all polynomial systems in two cases: over the fields \(\mathbb{F}_{2}\) and \(\mathbb{F}_{q}\) with q ≫ n. We show that the size of the matrix constructed by XL is large compared to the ones of the F 5 algorithm. Finally, we give an experimental study between XL and the Buchberger algorithm on the cryptosystem HFE and find that the Buchberger algorithm has a better behavior.

Algebraic cryptanalysis of 58-round SHA-1

In 2004, a new attack against SHA-1 has been proposed by a team leaded by Wang [15]. The aim of this article1 is to sophisticate and improve Wangs attack by using algebraic techniques. We introduce new notions, namely semi-neutral bit and adjuster and propose then an improved message modification technique based on algebraic techniques. In the case of the 58-round SHA-1, the experimental complexity of our improved attack is 231 SHA-1 computations, whereas Wangs method needs 234 SHA-1 computations. We have found many new collisions for the 58-round SHA-1. We also study the complexity of our attack for the full SHA-1.

Pairing-Friendly Hyperelliptic Curves with Ordinary Jacobians of Type y2 = x5 + ax

An explicit construction of pairing-friendly hyperelliptic curves with ordinary Jacobians was firstly given by D. Freeman. In this paper, we give other explicit constructions of pairing-friendly hyperelliptic curves with ordinary Jacobians based on the closed formulae for the order of the Jacobian of a hyperelliptic curve of type y2= x5+ ax. We present two methods in this paper. One is an analogue of the Cocks-Pinch method and the other is a cyclotomic method. By using these methods, we construct a pairing-friendly hyperelliptic curve y2= x5+ axover a finite prime field

Counting Points for Hyperelliptic Curves of Type y2=x5+ax over Finite Prime Fields

{\mathbb F}_p

Suitable curves for genus-4 HCC over prime fields: point counting formulae for hyperelliptic curves of type y 2 = x 2k+1 + ax

whose Jacobian is ordinary and simple over

Relation between the XL Algorithm and Gröbner Basis Algorithms

{\mathbb F}_p

Intelligent Editor for Authoring Educational Materials in Mathematics e-Learning Systems.

with a prescribed embedding degree. Moreover, the analogue of the Cocks-Pinch produces curves with ρ≈ 4 and the cyclotomic method produces curves with 3 ≤ ρ≤ 4.

Effective Use of Math E-Learning with Questions Specification

Counting rational points on Jacobian varieties of hyperelliptic curves over finite fields is very important for constructing hyperelliptic curve cryptosystems (HCC), but known algorithms for general curves over given large prime fields need very long running time. In this article, we propose an extremely fast point counting algorithm for hyperelliptic curves of type y 2=x 5+ax over given large prime fields \(\mathbb{F}_{p}\), e.g. 80-bit fields. For these curves, we also determine the necessary condition to be suitable for HCC, that is, to satisfy that the order of the Jacobian group is of the form l· c where l is a prime number greater than about 2160 and c is a very small integer. We show some examples of suitable curves for HCC obtained by using our algorithm. We also treat curves of type y 2=x 5+a where a is not square in \(\mathbb{F}_{p}\).

PROJECTIVITY OF TORUS FIBRE SPACES OVER CURVES AND MULTIPLE FIBRES

Computing the order of the Jacobian group of a hyperelliptic curve over a finite field is very important to construct a hyperelliptic curve cryptosystem (HCC), because to construct secure HCC, we need Jacobian groups of order in the form lc where l is a prime greater than about 2160 and c is a very small integer. But even in the case of genus two, known algorithms to compute the order of a Jacobian group for a general curve need a very long running time over a large prime field. In this article, we give explicit formulae of the order of Jacobian groups for hyperelliptic curves over a finite prime field of type y2=x

Gröbner Basis Based Cryptanalysis of SHA-1.

^{\rm 2{\it k}+1}