Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

On the equivalence of two post-quantum cryptographic families

Alessio Meneghetti, Alex Pellegrini, Massimiliano Sala

TL;DR

A closed formula for a polynomial-time reduction from any instance of MLD to an instance of MQ, and viceversa is presented, thus demonstrating the direct link between the two post-quantum cryptographic families.

Abstract

The Maximum Likelihood Decoding Problem (MLD) is known to be NP-hard and its complexity is strictly related to the security of some post-quantum cryptosystems, that is, the so-called code-based primitives. Analogously, the Multivariate Quadratic System Problem (MQ) is NP-hard and its complexity is necessary for the security of the so-called multivariate-based primitives. In this paper we present a closed formula for a polynomial-time reduction from any instance of MLD to an instance of MQ, and viceversa. We also show a polynomial-time isomorphism between MQ and MLD, thus demonstrating the direct link between the two post-quantum cryptographic families.

On the equivalence of two post-quantum cryptographic families

TL;DR

A closed formula for a polynomial-time reduction from any instance of MLD to an instance of MQ, and viceversa is presented, thus demonstrating the direct link between the two post-quantum cryptographic families.

Abstract

The Maximum Likelihood Decoding Problem (MLD) is known to be NP-hard and its complexity is strictly related to the security of some post-quantum cryptosystems, that is, the so-called code-based primitives. Analogously, the Multivariate Quadratic System Problem (MQ) is NP-hard and its complexity is necessary for the security of the so-called multivariate-based primitives. In this paper we present a closed formula for a polynomial-time reduction from any instance of MLD to an instance of MQ, and viceversa. We also show a polynomial-time isomorphism between MQ and MLD, thus demonstrating the direct link between the two post-quantum cryptographic families.

Paper Structure

This paper contains 13 sections, 25 theorems, 62 equations.

Table of Contents

  1. Introduction
  2. Preliminary results and definitions
  3. Our Computational Model
  4. MLD to MQ reduction
  5. Parity-check constraint encoding
  6. Weight-computation encoding
  7. Weight constraint encoding
  8. MLD to MQ
  9. MQ to MLD reduction
  10. Quadratic equations
  11. Linear equations
  12. Conclusions
  13. Open problems

Key Result

Lemma 2.6

Consider a polynomial system $S = \lbrace f_1,\ldots,f_{\mathsf{m}} \rbrace$ with $f_i \in \mathbb{F}[x_1,\ldots,x_{\mathsf{n}}]$ and $\mathrm{deg}(f_i)=2$ for each $i=1,\ldots,\mathsf{m}$. $S$ can be taken to standard form in $\mathcal{O}(\mathsf{m}\mathsf{n}^2)$ operations. More precisely, the num

Theorems & Definitions (53)

  • Definition 1.1: MLD
  • Definition 1.4: MQ
  • Example 2.3
  • Definition 2.4
  • Lemma 2.6
  • proof
  • Lemma 3.1
  • Lemma 3.2
  • proof
  • Theorem 3.3
  • ...and 43 more