A new multivariate primitive from CCZ equivalence

TL;DR

This paper introduces a novel multivariate cryptographic primitive based on CCZ equivalence, expanding the construction methods beyond traditional affine transformations for post-quantum security.

Contribution

It proposes a new multivariate scheme construction leveraging CCZ equivalence, offering a broader framework for cryptographic design in post-quantum cryptography.

Findings

Introduces a general construction method using CCZ equivalence.

Expands the theoretical understanding of multivariate cryptography.

Provides potential new avenues for secure scheme design.

Abstract

Multivariate Cryptography is one of the candidates for Post-quantum Cryptography. Multivariate schemes are usually constructed by applying two secret affine invertible transformations $\mathcal S,\mathcal T$ to a set of multivariate polynomials $\mathcal{F}$ (often quadratic). The polynomials $\mathcal{F}$ possess a trapdoor that allows the legitimate user to find a solution of the corresponding system, while the public polynomials $\mathcal G=\mathcal S\circ\mathcal F\circ\mathcal T$ look like random polynomials. The polynomials $\mathcal G$ and $\mathcal F$ are said to be affine equivalent. In this article, we present a more general way of constructing a multivariate scheme by considering the CCZ equivalence, which has been introduced and studied in the context of vectorial Boolean functions.