Solving Degree and Degree of Regularity for Polynomial Systems over a Finite Fields
In this paper, we try to clarify some of the questions related to a key concept in multivariate polynomial solving algorithms over a finite field: the degree of regularity. By the degree of regularity, we refer here to a concept first presented by Dubois and Gama, namely the lowest degree at which a certain nontrivial degree drop of a polynomial system occurs. Currently, it is somewhat commonly accepted that we can use this degree to estimate the complexity of solving a polynomial system, even though we do not have systematic empirical data or a theory to support such a claim. In this paper, we would like to clarify the situation with the help of experiments. We first define the concept of solving degree for a polynomial system. The key question we then need to clarify is the connection between the solving degree and the degree of regularity, with a focus on quadratic systems. To exclude the cases that do not represent the general situation, we need to define when a system is degenerate and when it is irreducible. With extensive computer experiments, we show that the two concepts, the degree of regularity and the solving degree, are related for irreducible systems in the sense that the difference between the two degrees is indeed small, less than 3. But due to the limitations of our experiments, we speculate that this may not be the case for high degree cases.
Keywords: Solving degree, degree of regularity, HFE, HFEv, random polynomial system, non-degenerate system