A multivariate public key cryptosystem (MPKC for short) has a set of (usually) quadratic polynomials over a finite field as its public map. Its main security assumption is backed by the NP-hardness of the problem of solving nonlinear equations over a finite field. This family is considered one of the major families of PKCs that could potentially resist even the powerful quantum computers of the future. There has been fast and intensive development in multivariate public key cryptography in the last two decades. Some constructions are not as secure as was claimed initially, but others are still viable. The paper gives an overview of multivariate public key cryptography and discusses the current status of the research in this area.
© 2009 Springer-Verlag Berlin Heidelberg
About this chapter
Cite this chapter
Ding, J., Yang, BY. (2009). Multivariate Public Key Cryptography. In: Bernstein, D.J., Buchmann, J., Dahmen, E. (eds) Post-Quantum Cryptography. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-88702-7_6
DOI: https://doi.org/10.1007/978-3-540-88702-7_6
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-88701-0
Online ISBN: 978-3-540-88702-7
eBook Packages: Mathematics and Statistics (R0)