Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

The solving degrees for computing Gröbner bases of affine semi-regular polynomial sequences

Momonari Kudo, Kazuhiro Yokoyama

Abstract

In this paper, we study the solving degrees for affine semi-regular sequences and their homogenized sequences. Some of our results are considered to give mathematically rigorous proofs of the correctness of methods for computing Gröbner bases of the ideal generated by an affine semi-regular sequence. This paper is a sequel of the authors' previous work and gives additional results on the solving degrees and important behaviors of Gröbner basis computation. We also define the generalized degree of regularity for a sequence of homogeneous polynomials. For the ideal generated by the homogenization of an affine semi-regular sequence, we relate its generalized degree of regularity with its maximal Gröbner basis degree (i.e., the solving degree for the homogenized sequence). The definition of a generalized (cryptographic) semi-regular sequence is also given, and it derives a new cryptographic assumption to estimate the security of cryptosystems. From our experimental observation, we raise a conjecture and some questions related to this generalized semi-regularity. These definitions and our results provide a theoretical formulation of (somehow heuristic) discussions done so far in the cryptographic community.

The solving degrees for computing Gröbner bases of affine semi-regular polynomial sequences

Abstract

In this paper, we study the solving degrees for affine semi-regular sequences and their homogenized sequences. Some of our results are considered to give mathematically rigorous proofs of the correctness of methods for computing Gröbner bases of the ideal generated by an affine semi-regular sequence. This paper is a sequel of the authors' previous work and gives additional results on the solving degrees and important behaviors of Gröbner basis computation. We also define the generalized degree of regularity for a sequence of homogeneous polynomials. For the ideal generated by the homogenization of an affine semi-regular sequence, we relate its generalized degree of regularity with its maximal Gröbner basis degree (i.e., the solving degree for the homogenized sequence). The definition of a generalized (cryptographic) semi-regular sequence is also given, and it derives a new cryptographic assumption to estimate the security of cryptosystems. From our experimental observation, we raise a conjecture and some questions related to this generalized semi-regularity. These definitions and our results provide a theoretical formulation of (somehow heuristic) discussions done so far in the cryptographic community.
Paper Structure (24 sections, 35 theorems, 100 equations, 1 figure, 2 tables)

This paper contains 24 sections, 35 theorems, 100 equations, 1 figure, 2 tables.

Table of Contents

  1. Introduction
  2. Preliminaries
  3. Semi-regular sequences
  4. Solving degrees of Gröbner basis computation
  5. Definitions of solving degrees
  6. Upper bounds on solving degree
  7. Extension of the notion of degree of regularity
  8. Proofs of Theorems \ref{['thm:mainA']} and \ref{['thm:mainB']}
  9. Bounded regularity of homogenized sequences
  10. Solving degree for homogenized sequences
  11. Behaviors of Gröbner bases computation
  12. Correspondence between $G_{\rm hom}$ and $G_{\rm top}$
  13. Correspondence between the computations of $G_{\rm hom}$ and $G$
  14. Phase 1: Before degree fall in the computation of $G$:
  15. Phase 2: At the step degree $D$:
  16. ...and 9 more sections

Key Result

Theorem 1

With notation as above, assume that $\bm{F}$ is affine cryptographic semi-regular, and put $D := d_{\rm reg}(\langle F^{\rm top} \rangle)$. Then, we have the following:

Figures (1)

  • Figure 1: The values of coefficients in $(1+z)^{n+1}$ for $(n,m)=(9,10)$ (the left figure) and $(n,m)=(10,11)$ (the right figure). The horizontal axis indicates the degree $i$ of $z^i$, and the vertical axis indicates the value of the coefficient of $z^i$. Note that $D = (n+3)/2$ for an odd $n$ and $D=(n+2)/2$ for even $n$, and thus $D-1= 5$ for $n\in \{9,10\}$. See Remark \ref{['rem:mn1']} for a description.

Theorems & Definitions (78)

  • Theorem 1: Theorem \ref{['thm:main']}, Remark \ref{['rem:zerodim']}, and Corollary \ref{['cor:Dreg']}
  • Theorem 2: Theorem \ref{['thm:sdb']} and Proposition \ref{['pro:dsat']}
  • Theorem 3: Section 4; cf. KY
  • Remark 1
  • Proposition 1: Lemma \ref{['lem:bound_new']} and Proposition \ref{['prop:new']}; see also Subsection \ref{['subsec:genral']}
  • Corollary 1: Corollary \ref{['cor:complexity']} and Remark \ref{['rem:MQ']}; see also Subsection \ref{['subsec:exp']}
  • Definition 2.1.1: Semi-regular sequences, Pardue
  • Proposition 2.1.2: cf. Pardue
  • Definition 2.1.3: BFS; see also Diem2
  • Theorem 2.1.4: cf. Diem2
  • ...and 68 more