An Improvement of a Key Exchange Protocol Relying on Polynomial Maps

TL;DR

This paper enhances a post-quantum key exchange protocol based on polynomial maps by significantly reducing failure probability while maintaining security, through restricting key components to smaller subsets, supported by theoretical and experimental validation.

Contribution

It introduces a method to improve the success rate of Akiyama et al.'s modified protocol without compromising security by limiting key component subsets.

Findings

Failure probability reduced to 2^{-120}

Achieves 128-bit security level

Theoretical and experimental validation confirms effectiveness

Abstract

Akiyama et al. (Int. J. Math. Indust., 2019) proposed a post-quantum key exchange protocol that is based on the hardness of solving a system of multivariate non-linear polynomial equations but has a design strategy different from ordinary multivariate cryptography. Their protocol has two versions, an original one and a modified one, where the modified one has a trade-off that its security is strengthened while it has non-zero error probability in establishing a common key. In fact, the evaluation in their paper suggests that the probability of failing to establish a common key by the modified protocol with the proposed parameter set is impractically high. In this paper, we improve the success probability of Akiyama et al.'s modified key exchange protocol significantly while keeping the security, by restricting each component of the correct common key from the whole of the coefficient field to its small subset. We give theoretical and experimental evaluations showing that our proposed parameter set for our protocol is expected to achieve both failure probability $2^{-120}$ and $128$-bit security level.