: Class HFE2

Class

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: INNER | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

HFE
Class HFE2_n

java.lang.Object
  |
  +--HFE.HFE2_n

All Implemented Interfaces:: CheckRoot

class HFE2_n
extends java.lang.Object
implements CheckRoot

This class is the "final version" of HFE which works on n=67,129,257 bits over the field GF(2) (Field2) which extents to GF(2^n) (Field2_n).

Version:: 0.1

Field Summary

private static int[] codeVec
          Cipher as a vector.

(package private) static int extensionDegree
          Holds the degree of the irreducible polynomial and thereby also the degree of the extension field

(package private) static int[] generatingPolynomial
          Central switch to change generating polynomial.

(package private) static Poly2Max generatingPolynomialAsMaxPoly
          Polynomial set in variable generatingPolynomial but as a Poly2Max polynomial.

(package private) static int hashLen
          Holds the number of bits for the hash value

(package private) Poly2MultiSquare[] hashPoly
          Quadratic polynomials for computing hash of message m

(package private) int[] hashValue
          hash value of the current message

(package private) static int messageLength
          Holds the number of bits for an encrypted message, i.e.

(package private) static int messageSigLength
          Holds the number of bits for a message in terms of a signature.

(package private) int modeDecSig
          Signals if we are in decryption (1) or signature generation mode (-1).

(package private) static int padBits
          Holds the number of bits for a message in terms of a signature.

(package private) static int paramK
          Holds the number of public equations which are replaced by random equations.

private Poly2_nMax privatePoly
          Stores the private polynomial over GF(2^n).

private Poly2MultiSquare[] publicPoly
          Stores the public key in an array of polynomials.

(package private) static int reductionTerm
          Central switch to change the reduction term, i.e.

private static int[] resVec
          Message as a vector.

(package private) java.util.Random rnd
          Random number generator for signature generation

private RootFinding rootFinder
          Root finding algorithm

private static int[] rootVec
          Message as a vector.

(package private) static int signatureLength
          Holds the number of bits for a signature.

private static int[] sigTmpVec
          Hash of message as a vector.

private static int[] textVec
          Message as a vector.

(package private) Field2_n tmpElem
          Temporary register [element of GF(2^n)].

private Transform2 transS
          Transformation S in HFE

private Transform2 transT
          Transformation T in HFE

private static int[] valueVec
          Message in a special format as a vector.

Constructor Summary

(package private) HFE2_n(byte[] seed)
          Initializes HFE2_n by generating the public and the private key from the given seed.

Method Summary

boolean checkRoot(Field2_n root)
          Returns always true in signature mode (see variable modeDecSig).

void decrypt(int[] cipher, int[] res)
          Decrypts a given, n bit cipher text.

void encrypt(int[] plain, int[] res)
          Encryptes a given, n bit plain text.

private void encryptPrivate(int[] plain, int[] res)
          Encryptes a given, n bit plain text.

(package private) void generateKeys(byte[] seed)
          Generates the public and the private key from a given seed and stores them in the object's fields.

private static Poly2_nMax genPolyPrivate(java.security.SecureRandom rndGen)
          Generates a private key for HFE.

private Poly2MultiSquare[] genPolyPublic(java.security.SecureRandom rndGen)
          Generats the public polynomials from the private polynomial

void genSign(int[] message, int[] res)
          Generates signature for given message using (S,P,T).

static void main(java.lang.String[] args)
          Tests everything in this class

private void setHashPoly()
          Sets the hash polynomials using a constant seed.

static void speedIt()


static void testIt()
          Tests the functionality of the whole class.

boolean valSign(int[] message, int[] sig)
          Validates if given signature sig is valid or not.

Methods inherited from class java.lang.Object

, clone, equals, finalize, getClass, hashCode, notify, notifyAll, registerNatives, toString, wait, wait, wait

Field Detail

generatingPolynomial

static final int[] generatingPolynomial

Central switch to change generating polynomial. Saves only the powers as the coefficients must be 1. The same polynomial (but in a different format) is stored in generatingPolynomialAsMaxPoly

reductionTerm

static final int reductionTerm

Central switch to change the reduction term, i.e. the part of the polynomial with is not the degree and not zero

extensionDegree

static final int extensionDegree

Holds the degree of the irreducible polynomial and thereby also the degree of the extension field

generatingPolynomialAsMaxPoly

static final Poly2Max generatingPolynomialAsMaxPoly

Polynomial set in variable generatingPolynomial but as a Poly2Max polynomial. Does not need to be changed for different Field2_n.

hashLen

static final int hashLen

Holds the number of bits for the hash value

paramK

static final int paramK

Holds the number of public equations which are replaced by random equations. Must be 0 for a signature scheme for internal reasons. In this case "padBits" replace paramK. paramK should be less than 10 for a decryption scheme as increasing paramK by one means to double the time for decryption.

messageLength

static final int messageLength

Holds the number of bits for an encrypted message, i.e. hashLen + extensionDegree.

padBits

static final int padBits

Holds the number of bits for a message in terms of a signature. This is smaller than messageLength as we need some "extra bits" for random padding. padBits can be very large in a signature scheme and should be bigger than 10 - otherwise the change to find a root is too poor.

messageSigLength

static final int messageSigLength

Holds the number of bits for a message in terms of a signature. This is smaller than messageLength as we need some "extra bits" for random padding.

signatureLength

static final int signatureLength

Holds the number of bits for a signature.

modeDecSig

int modeDecSig

Signals if we are in decryption (1) or signature generation mode (-1). Is used in method checkRoot(HFE.Field2_n) to signal the correct result to class RootFinding.

privatePoly

private Poly2_nMax privatePoly

Stores the private polynomial over GF(2^n). Is used for decryption.

publicPoly

private Poly2MultiSquare[] publicPoly

Stores the public key in an array of polynomials. Is used for encryption

transS

private Transform2 transS

Transformation S in HFE

transT

private Transform2 transT

Transformation T in HFE

rootFinder

private RootFinding rootFinder

Root finding algorithm

textVec

private static int[] textVec

Message as a vector. For the sake of speed is it a static.

sigTmpVec

private static int[] sigTmpVec

Hash of message as a vector. For the sake of speed is it a static. Is used in genSign(int[], int[])

resVec

private static int[] resVec

Message as a vector. For the sake of speed is it a static.

rootVec

private static int[] rootVec

Message as a vector. For the sake of speed is it a static. Is set in checkRoot(HFE.Field2_n) and used in decrypt(int[], int[]) as well as genSign(int[], int[]).

valueVec

private static int[] valueVec

Message in a special format as a vector. For the sake of speed is it a static.

codeVec

private static int[] codeVec

Cipher as a vector. For the sake of speed static.

hashPoly

Poly2MultiSquare[] hashPoly

Quadratic polynomials for computing hash of message m

hashValue

int[] hashValue

hash value of the current message

tmpElem

Field2_n tmpElem

Temporary register [element of GF(2^n)]. Static for the sake of speed

rnd

java.util.Random rnd

Random number generator for signature generation

Constructor Detail

HFE2_n

HFE2_n(byte[] seed)

Initializes HFE2_n by generating the public and the private key from the given seed. Also generates the message digest.

Parameters:: seed - Seed for the cryptographic random number generator.

Method Detail

genPolyPrivate

private static Poly2_nMax genPolyPrivate(java.security.SecureRandom rndGen)

Generates a private key for HFE. This polynomial has the form f(x) = x^33 + ax^32 + bx^24 + cx^20 + dx^18 + ex^17 + fx^16 + gx^12 + hx^10 + ix^9 + jx^8 + kx^6 + lx^5 + mx^4 + nx^3 + ox^2 + px^1 where a..p are from GF(2^n).

Parameters:: rndGen - Secure random number generator
Returns:: private polynomial

genPolyPublic

private Poly2MultiSquare[] genPolyPublic(java.security.SecureRandom rndGen)

Generats the public polynomials from the private polynomial

Parameters:: rndGen - Secure random number generator
Returns:: public polynomials

generateKeys

void generateKeys(byte[] seed)

Generates the public and the private key from a given seed and stores them in the object's fields. For cryptographic purposes, the seed is too short.

Parameters:: seed - Seed for the random number generator. Must be "quite long" to be secure.

setHashPoly

private void setHashPoly()

Sets the hash polynomials using a constant seed.

encryptPrivate

private void encryptPrivate(int[] plain,
                            int[] res)

Encryptes a given, n bit plain text.
Uses private key.

Parameters:: plain - plaintext as vector of n bits; res - result as a vector of n+16 bits

encrypt

public void encrypt(int[] plain,
                    int[] res)

Encryptes a given, n bit plain text.
Uses public polynomials

Parameters:: plaintext - as vector of n bits; res - result as a vector of n+16 bits

decrypt

public void decrypt(int[] cipher,
                    int[] res)

Decrypts a given, n bit cipher text.
Uses private key (S,P,T)

Parameters:: ciphertext - as bit-vector; res - result as a bit-vector

genSign

public void genSign(int[] message,
                    int[] res)

Generates signature for given message using (S,P,T).

Parameters:: message - to sign (in general: hash of this message with messageSigLength bits); res - signature for this message with signatureLength bits

valSign

public boolean valSign(int[] message,
                       int[] sig)

Validates if given signature sig is valid or not.

Parameters:: message - which was signed (in general: hash of this message with messageSigLength bits) using method genSign(int[], int[]); sig - signature for this message with signatureLength bits
Returns:: true iff sig is valid for current public key

checkRoot

public boolean checkRoot(Field2_n root)

Returns always true in signature mode (see variable modeDecSig). In decryption mode checks if the root has the correct hash value after transformation S is applied. If so, returns true.

Specified by:: checkRoot in interface CheckRoot

Returns:: true iff the root is correct.

testIt

public static void testIt()

Tests the functionality of the whole class. If there occurs any error it will be printed on stdout.

speedIt

public static final void speedIt()

main

public static void main(java.lang.String[] args)

Tests everything in this class

See Also:: testIt()