Cryptanalysis of the Multilinear Map over the Integers

Abstract : We describe a polynomial-time cryptanalysis of the (approximate) multilinear map of Coron, Lepoint and Tibouchi (CLT). The attack relies on an adaptation of the so-called zeroizing attack against the Garg, Gentry and Halevi (GGH) candidate multilinear map. Zeroiz- ing is much more devastating for CLT than for GGH. In the case of GGH, it allows to break generalizations of the Decision Linear and Subgroup Membership problems from pairing-based cryptography. For CLT, this leads to a total break: all quantities meant to be kept secret can be efficiently and publicly recovered.
Document type :
Conference papers
Complete list of metadatas
Contributor : Damien Stehle <>
Submitted on : Wednesday, December 9, 2015 - 11:32:12 AM
Last modification on : Thursday, November 21, 2019 - 2:31:32 AM


  • HAL Id : hal-01240445, version 1



Jung Hee Cheon, Kyoohyung Han, Changmin Lee, Hansol Ryu, Damien Stehlé. Cryptanalysis of the Multilinear Map over the Integers. EUROCRYPT, 2015, Sofia, Bulgaria. ⟨hal-01240445⟩



Record views