Multivariate Public Key Cryptosystems

  • Yasufumi HashimotoEmail author
Part of the Mathematics for Industry book series (MFI, volume 29)


This paper presents a survey on the multivariate public key cryptosystem (MPKC), which is a public key cryptosystem whose public key is a set of multivariate quadratic forms over a finite field.


Multivariate public key cryptosystem (MPKC) Post-quantum cryptology 



The author would like to thank the anonymous reviewer for reading the previous draft of this paper carefully and giving helpful comments to improve it. He was supported by JSPS Grant-in-Aid for Young Scientists (B) no. 26800020.


  1. 1.
    M.L. Akkar, N. Courtois, L. Goubin, R. Duteuil, A fast and secure implementation of Sflash, in PKC’03. LNCS, vol. 2567 (2003), pp. 267–278Google Scholar
  2. 2.
    R.M. Avanzi, S. Hoerder, D. Page, M. Tunstall, Side-channel attacks on the McEliece and Niederreiter public-ky cryptosystems. J. Crypt. Eng. 1, 271–281 (2011)CrossRefGoogle Scholar
  3. 3.
    G.V. Bard, Algebraic Cryptanalysis (Springer, Dordrecht, 2009)CrossRefzbMATHGoogle Scholar
  4. 4.
    G.V. Bard, N.T. Courtois, C. Jefferson, Efficient methods for conversion and solution of sparse systems of low-degree multivariate polynomials over \(GF(2)\) via SAT-Solvers,
  5. 5.
    M. Bardet, J.C. Faugère, B. Salvy, B.Y. Yang, Asymptotic expansion of the degree of regularity for semi-regular systems of equations, in MEGA’05 (2005)Google Scholar
  6. 6.
    J.A. Beachy, Introductory Lectures on Rings and Modules (Cambridge University Press, Cambridge, 1999)CrossRefzbMATHGoogle Scholar
  7. 7.
    C. Berbain, H. Gilbert, J. Patarin, QUAD: a practical stream cipher with provable security, in Eurocrypt’06. LNCS, vol. 4004 (2006), pp. 109–128Google Scholar
  8. 8.
    E.R. Berlekamp, Factoring polynomials over finite fields. Bell Syst. Tech. J. 46, 1853–1859 (1967)MathSciNetCrossRefzbMATHGoogle Scholar
  9. 9.
    E.R. Berlekamp, Factoring polynomials over large finite fields. Math. Comput. 24, 713–735 (1970)MathSciNetCrossRefzbMATHGoogle Scholar
  10. 10.
    L. Bettale, J.C. Faugère, L. Perret, Solving polynomial systems over finite fields: Improved analysis of the hybrid approach. ISSAC 2012, 67–74 (2012)MathSciNetzbMATHGoogle Scholar
  11. 11.
    L. Bettale, J.C. Faugere, L. Perret, Cryptanalysis of HFE, multi-HFE and variants for odd and even characteristic. Des. Codes Crypt. 69, 1–52 (2013)MathSciNetCrossRefzbMATHGoogle Scholar
  12. 12.
    J.F. Biasse, D. Jao, A. Sankar, A quantum algorithm for computing isogenies between supersingular elliptic curves, in Indocrypt’14. LNCS, vol. 8885 (2014), pp. 428–442Google Scholar
  13. 13.
    I. Biehl, B. Meyer, V. Müller, Differential fault attacks on elliptic curve cryptosystems, in Crypto’00. LNCS, vol. 2000 (1880), pp. 131–146Google Scholar
  14. 14.
    D. Bini, M. Capovani, F. Romani, G. Lotti, \(O(n^{2.7799})\) complexity for \(n \times n\) approximate matrix multiplication. Inf. Process. Lett. 8, 234–235 (1979)MathSciNetCrossRefzbMATHGoogle Scholar
  15. 15.
    D. Boneh, R.A. DeMillo, R.J. Lipton, On the importance of checking cryptographic protocols for faults, in Eurocrypt’97. LNCS, vol. 1233 (1997), pp. 37–51Google Scholar
  16. 16.
    C. Bouillaguet, H.C. Chen, C.M. Cheng, T. Chou, R. Niederhagen, A. Shamir, B.Y. Yang, Fast exhaustive search for polynomial systems in \(F_2\), in CHES’10. LNCS, vol. 6225 (2010), pp. 203–218Google Scholar
  17. 17.
    B. Buchberger, A theoretical basis for the reduction of polynomials to canonical forms. ACM SIGSAM Bull. 10, 19–29 (1976)MathSciNetGoogle Scholar
  18. 18.
    S. Bulygin, A. Petzoldt, J. Buchmann, Towards provable security of the unbalanced oil and vinegar signature scheme under direct attacks, in Indocrypto’10. LNCS, vol. 6498 (2010), pp. 17–32Google Scholar
  19. 19.
    R. Cartor, R. Gipson, D. Smith-Tone, J. Vates, On the differential security of the HFEv- signature primitive, in PQCrypto’16. LNCS, vol. 9606 (2016), pp. 162–181Google Scholar
  20. 20.
    A. Cayley, Sur les determinants gauches (On skew determinants). Crelle’s J. 38, 93–96 (1847)Google Scholar
  21. 21.
    P.L. Cayrel, P. Dusart, Fault injection’s sensitivity of the McEliece PKC, in Proceedings of 5th International Conference on Future Information Technology (2010), pp. 1–6Google Scholar
  22. 22.
    A.I.T. Chen, M.S. Chen, T.R. Chen, C.M. Chen, J. Ding, E.L.H. Kuo, F.Y.S. Lee, B.Y. Yang, “SSE implementation of multivariate PKCs on modern x86 CPUs, in CHES’09. LNCS, vol. 5747 (2009), pp. 33–48Google Scholar
  23. 23.
    C.H.O. Chen, M.S. Chen, J. Ding, F. Werner, B.Y. Yang, Odd-char multivariate hidden field equations,
  24. 24.
    L. Chen, S. Jordan, Y.K. Liu, D. Moody, R. Reralta, R. Perlner, D. Smith-Tone, Report on post-quantum cryptography, in National Institute of Standards and Technology Internal Report, vol. 8105 (2016),
  25. 25.
    C.M. Cheng, Y. Hashimoto, H. Miura, T. Takagi, A polynomial-time algorithm for solving a class of underdetermined multivariate quadratic equations over fields of odd characteristics, in PQCrypto’14. LNCS, vol. 8772 (2014), pp. 40–58Google Scholar
  26. 26.
    A. Childs, D. Jao, V. Soukharev, Constructing elliptic curve isogenies in quantum subexponential time. J. Math. Cryptol. 8, 1–29 (2014)MathSciNetCrossRefzbMATHGoogle Scholar
  27. 27.
    M. Ciet, M. Joye, Elliptic curve cryptosystems in the presence of permanent and transient faults. Des. Codes Crypt. 36, 33–43 (2005)MathSciNetCrossRefzbMATHGoogle Scholar
  28. 28.
    D. Coppersmith, S. Winograd, Matrix multiplication via arithmetic progressions. J. Symb. Comput. 9, 251–280 (1990)MathSciNetCrossRefzbMATHGoogle Scholar
  29. 29.
    D. Coppersmith, J. Stern, S. Vaudenay, Attacks on the birational permutation signature schemes, in Crypto’93. LNCS, vol. 773 (1994), pp. 435–443Google Scholar
  30. 30.
    J.S. Coron, Resistance against differential power analysis for elliptic curve cryptosystems, in CHES’99. LNCS, vol. 1717 (1999), pp. 292–302Google Scholar
  31. 31.
    N.T. Courtois, M. Daum, P. Felke, On the security of HFE, HFEv- and Quartz, in PKC’03. LNCS, vol. 2567 (2003), pp. 337–350Google Scholar
  32. 32.
    T. Daniels, D. Smith-Tone, Differential properties of the HFE cryptosystem, in PQCrypto’14. LNCS, vol. 8772 (2014), pp. 59–75Google Scholar
  33. 33.
    J. Ding, A new variant of the Matsumoto-Imai cryptosystem through perturbation, in PKC’04. LNCS, vol. 2947 (2004), pp. 305–318Google Scholar
  34. 34.
    J. Ding, T.J. Hodges, Inverting HFE systems is quasi-polynomial for all fields, in Crypto’11. LNCS, vol. 6841 (2011), pp. 724–742Google Scholar
  35. 35.
    J. Ding, D. Schmidt, Rainbow, a new multivariate polynomial signature scheme, in ACNS’05. LNCS, vol. 3531 (2005), pp. 164–175Google Scholar
  36. 36.
    J. Ding, J.E. Gower, D. Schmidt, C. Wolf, Z. Yin, Complexity estimates for the \(F_4\) attack on the perturbed Matsumoto-Imai cryptosystem, in 10th IMA International Conference on Cryptography and coding. LNCS, vol. 3796 (2005), pp. 262–277Google Scholar
  37. 37.
    J. Ding, L. Hu, X. Nie, J. Li, J. Wagner, High order linearization equation (HOLE) attack on multivariate public key cryptosystems, in PKC’07. LNCS, vol. 4450 (2007), pp. 233–248Google Scholar
  38. 38.
    J. Ding, C. Wolf, B.Y. Yang, \(l-\)invertible cycles for multivariate quadratic (MQ) public key cryptography, in PKC’07. LNCS, vol. 4450 (2007), pp. 266–281Google Scholar
  39. 39.
    J. Ding, A. Petzoldt, L.C. Wang, The cubic simple matrix encryption scheme, in PQC’14. LNCS, vol. 8772 (2014), pp. 76–87Google Scholar
  40. 40.
    D.Z. Doković, On the product of two alternating matrices. Amer. Math. Monthly 98, 935–936 (1991)MathSciNetCrossRefGoogle Scholar
  41. 41.
    V. Dubois, P.A. Fouque, A. Shamir, J. Stern, Practical cryptanalysis of SFLASH, in Crypto’07. LNCS, vol. 4622 (2007), pp. 1–12Google Scholar
  42. 42.
    V. Dubois, L. Granboulan, J. Stern, Cryptanalysis of HFE with internal prturbation, in PKC’07. LNCS, vol. 4450 (2007), pp. 249–265Google Scholar
  43. 43.
    D.H. Duong, A. Petzoldt, T. Takagi, Reducing the key size of the SRP encryption scheme, in ACISP’16. LNCS, vol. 9723 (2016), pp. 427–434Google Scholar
  44. 44.
    J.C. Faugère, A new efficient algorithm for computing Grobner bases (\(F_4\)). J. Pure Appl. Algebra 139, 61–88 (1999)MathSciNetCrossRefzbMATHGoogle Scholar
  45. 45.
    J.C. Faugère, A. Joux, Algebraic cryptanalysis of Hidden Field Equations (HFE) using Gröbner bases, in Crypto’03. LNCS, vol. 2729 (2003), pp. 44–60Google Scholar
  46. 46.
    P.A. Fouque, L. Granboulan, J. Stern, Differential cryptanalysis for multivariate schemes, in Eurocrypt’05. LNCS, vol. 3494 (2005), pp. 341–353Google Scholar
  47. 47.
    P.A. Fouque, G. Macario-Rat, L. Perret, J. Stern, Total break of the \(l\)-IC signature scheme, in PKC’08. LNCS, vol. 4939 (2008), pp. 1–17Google Scholar
  48. 48.
    A.S. Fraenkel, Y. Yesha, Complexity of problems in games, graphs and algebraic equations. Discret. Appl. Math. 1, 15–30 (1979)MathSciNetCrossRefzbMATHGoogle Scholar
  49. 49.
    M.R. Garey, D.S. Johnson, Computers and Intractability, A Guide to the Theory of NP-completeness (W.H. Freeman, New York, 1979)zbMATHGoogle Scholar
  50. 50.
    L. Granboulan, A. Joux, J. Stern, Inverting HFE is quasipolynomial, in Crypto’06, LNCS. vol. 4117 (2006), pp. 345–356Google Scholar
  51. 51.
    L.K. Grover, A fast quantum mechanical algorithm for database search, in Proceedings 28th Annual ACM Symposium on the Theory of Computing (1996) pp. 212–219Google Scholar
  52. 52.
    S. Hasegawa, T. Kaneko, An attacking method for a public-key cryptosystem based on the difficulty of solving a system of non-linear equations (in Japanese), in Proceedings of 10th SITA, vol. JA5-3 (1987)Google Scholar
  53. 53.
    Y. Hashimoto, Algorithms to solve massively under-defined systems of multivariate quadratic equations. IEICE Trans. Fundam. E94–A, 1257–1262 (2011)CrossRefGoogle Scholar
  54. 54.
    Y. Hashimoto, Cryptanalysis of the quaternion rainbow, in IWSEC’13. LNCS, vol. 8231 (2013), pp. 244–257Google Scholar
  55. 55.
    Y. Hashimoto, Cryptanalysis of the multivariate sigature scheme proposed in PQCrypto 2013, in PQCrypto’14, LNCS, vol. 8772 (2014), pp. 108–125. IEICE Trans. Fundam. 99-A, 58–65 (2016)Google Scholar
  56. 56.
    Y. Hashimoto, A note on tensor simple matrix encryption scheme,
  57. 57.
    Y. Hashimoto, On the security of new vinegar-like variant of multivariate signature scheme,
  58. 58.
    Y. Hashimoto, On the security of cubic UOV,
  59. 59.
    Y. Hashimoto, Key recovery attacks on multivariate public key cryptosystems derived from quadratic forms over an extension field. IEICE Tans. Fundam. 100–A, 18–25 (2017)CrossRefGoogle Scholar
  60. 60.
    Y. Hashimoto, Chosen ciphertext attack on ZHFE. JSIAM Lett. (2017). To appearGoogle Scholar
  61. 61.
    Y. Hashimoto, T. Takagi, K. Sakurai, General fault attacks on multivariate public key cryptosystems, in PQC’11. LNCS, vol. 7071 (2011), pp. 1–18Google Scholar
  62. 62.
    M. Joye, A.K. Lenstra, J.J. Quisquater, Chinese remaindering based cryptosystems in the presence of faults. J. Cryptol. 12, 241–245 (1999)CrossRefzbMATHGoogle Scholar
  63. 63.
    A. Kipnis, A. Shamir, Cryptanalysis of the oil and vinegar signature scheme, in Crypto’98. LNCS, vol. 1462 (1998), pp. 257–267Google Scholar
  64. 64.
    A. Kipnis, A. Shamir, Cryptanalysis of the HFE public key cryptosystem by relinearization, in Crypto’99. LNCS, vol. 1666 (1999), pp. 19–30Google Scholar
  65. 65.
    A. Kipnis, J. Patarin, L. Goubin, Unbalanced oil and vinegar signature schemes, in Eurocrypt’99. LNCS, vol. 1592 (1999), pp. 206–222, extended in www.citeseer/231623.html, 2003-06-11
  66. 66.
    F. Le Gall, Powers of tensors and fast matrix multiplication, in ISSAC’14, Proceedings of the 39th ISSAC (2014), pp. 296–303Google Scholar
  67. 67.
    H. Li, X. Chen, L. Pang, W. Shi, Quantum attack-resistent certificateless multi-receiver signcryption scheme. PLoS ONE 8(6), e49141 (2013)CrossRefGoogle Scholar
  68. 68.
    R. Lidl, H. Niederreiter, Finite Fields (Addison-Wesley, London, 1983)zbMATHGoogle Scholar
  69. 69.
    T. Matsumoto, H. Imai, Public quadratic polynomial-tuples for efficient signature-verification and message-encryption, in Eurocrypt’88. LNCS, vol. 330 (1988), pp. 419–453Google Scholar
  70. 70.
    H. Miura, Y. Hashimoto, T. Takagi, Extended algorithm for solving underdefined multivariate quadratic equations, in PQCryoto’13, LNCS, vol. 7932 (2013), pp. 118–135. IEICE Trans. Fundam. E97-A, 1418–1425 (2014)Google Scholar
  71. 71.
    H.G. Molter, R. Overbeck, A. Shoufan, F. Strenzke, E. Tews, Side channels in the McEliece PKC, in PQC’08. LNCS, vol. 5299 (2008), pp. 216–229Google Scholar
  72. 72.
    D. Moody, Post-quantum cryptography: NIST’s plan for the future, in NIST Announcement in PQCrypto’16 (2016),
  73. 73.
    D. Moody, R. Perlner, D. Smith-Tone, An asymptotically optimal structural attack on the ABC multivariate encryption scheme, in PQC’14. LNCS, vol. 8772 (2014), pp. 180–196Google Scholar
  74. 74.
    X. Nie, A. Petzoldt, J. Buchmann, Cryptanalysis of \(2\)-layer nonlinear piece in hand method, in CD-ARES’13. LNCS, vol. 8128 (2013), pp. 91–104Google Scholar
  75. 75.
    X. Nie, B. Liu, H. Xiong, G. Lu, Cubic unbalance oil and vinegar signature scheme, in Inscrypt’15. LNCS, vol. 9589 (2015), pp. 47–56Google Scholar
  76. 76.
    NIST, Submission requirements and evaluation criteria for the Post-Quantum Cryptography standardization process (2016),
  77. 77.
    K. Okeya, T. Takagi, C. Vuillaume, On the importance of protecting \(\Delta \) in SFLASH against side channel attacks. IEICE Trans. 88-A, 123–131 (2005)Google Scholar
  78. 78.
    D. Page, F. Vercauteren, A fault attack on pairing-based cryptography. IEEE Trans. Comput. 55, 1075–1080 (2006)CrossRefzbMATHGoogle Scholar
  79. 79.
    J. Patarin, Cryptoanalysis of the Matsumoto and Imai Public Key Scheme of Eurocrypt’88, in Crypto’95. LNCS, vol. 963 (1995), pp. 248–261Google Scholar
  80. 80.
    J. Patarin, Hidden fields equations (HFE) and isomorphisms of polynomials (IP): two new families of asymmetric algorithms, Eurocrypt’96. LNCS, vol. 1070 (1996), pp. 33–48Google Scholar
  81. 81.
    J. Patarin, The oil and vinegar signature scheme, in The Dagstuhl Workshop on Cryptography (1997)Google Scholar
  82. 82.
    J. Patarin, L. Goubin, N.T. Courtois, \(C*-+\) and HM: variations around two schemes of T. Matsumoto and H. Imai, in Asiacrypt’98. LNCS, vol. 1514 (1998), pp. 35–49Google Scholar
  83. 83.
    J. Patarin, N. Courtois, L. Goubin, QUARTZ, 128-bit long digital signatures, in CT-RSA’01. LNCS, vol. 2020 (2001), pp. 282–297Google Scholar
  84. 84.
    R. Perlner, D. Smith-Tone, Security analysis and key modification for ZHFE, in PQCrypto’16. LNCS, vol. 9606 (2016), pp. 197–212Google Scholar
  85. 85.
    A. Petzoldt, S. Bulygin, J.A. Buchmann, CyclicRainbow - a multivariate signature scheme with a partially cyclic public key, in IndoCrypt’10. LNCS, vol. 6498 (2010), pp. 33–48Google Scholar
  86. 86.
    A. Petzoldt, S. Bulygin, J.A. Buchmann, Fast verification for improved versions of the UOV and Rainbow signature schemes, in PQC’13. LNCS, vol. 7932 (2013), pp. 188–202Google Scholar
  87. 87.
    A. Petzoldt, M.S. Chen, B.Y. Yang, C. Tao, J. Ding, Design principles for HFEv- based multivariate signature schemes, in Asiacrypt’15. LNCS, vol. 9452 (2015), pp. 311–334Google Scholar
  88. 88.
    A. Petzoldt, J. Ding, L.C. Wang, Eliminating decryption failures from the simple matrix encryption scheme (2016),
  89. 89.
    J. Porras, J. Baena, J. Ding, ZHFE, a new multivariate public key encryption scheme, in PQCrypto’14. LNCS, vol. 8772 (2014), pp. 229–245Google Scholar
  90. 90.
    B. Preneel, NESSIE Project Announces Final Selection of Crypto Algorithms,
  91. 91.
    K. Sakumoto, T. Shirai, H. Hiwatari, Public-key identification schemes based on multivariate quadratic polynomials, in Crypto’11. LNCS, vol. 6841 (2011), pp. 706–723Google Scholar
  92. 92.
    K. Sakumoto, T. Shirai, H. Hiwatari, On provable security of UOV and HFE signature schemes against Chosen-Message Attack, in PQCrypto’11. LNCS, vol. 7071 (2011), pp. 68–82Google Scholar
  93. 93.
    A. Shamir, Efficient signature schemes based on birational permutations, in Crypto ’93. LNCS, vol. 773 (1983), pp. 1–12Google Scholar
  94. 94.
    W. Shen, S. Tang, L. Xu, IBUOV, A provably secure Identity-Based UOV Signature Scheme, in Proceeding CSE’13 (2013), pp. 388–395Google Scholar
  95. 95.
    P.W. Shor, Polynomial-time algorithms for prime factorization and discrete logarithms on a quantum computer. SIAM J. Comput. 26, 1484–1509 (1997)MathSciNetCrossRefzbMATHGoogle Scholar
  96. 96.
    D. Smith-Tone, M.-S. Chen, B.-Y. Yang, PFLASH - secure asymmetric signatures on smart cards, in Lightweight Cryptography Workshop (2015),
  97. 97.
    A. Szepieniec, J. Ding, B. Preneel, Extension field cancellation: a new central trapdoor for multivariate quadratic systems, in PQC’16. LNCS, vol. 9606 (2016), pp. 182–196Google Scholar
  98. 98.
    V. Strassen, Gaussian elimination is not optimal. Numer. Math. 13, 354–356 (1969)MathSciNetCrossRefzbMATHGoogle Scholar
  99. 99.
    C. Tao, A. Diene, S. Tang, J. Ding, Simple matrix scheme for encryption, in PQCrypto 2013. LNCS, vol. 7932 (2013), pp. 231–242Google Scholar
  100. 100.
    C. Tao, H. Xiang, A. Petzoldt, J. Ding, Simple Matrix - a multivariate public key cryptosystem (MPKC) for encryption. Finite Fields Appl. 35, 352–368 (2015)MathSciNetCrossRefzbMATHGoogle Scholar
  101. 101.
    O. Taussky, H. Zassenhaus, On the similarity transformation between a matirx and its transpose. Pac. J. Math. 9, 893–896 (1959)CrossRefzbMATHGoogle Scholar
  102. 102.
    R. Terada, E.R. Andrade, Comparison of two signatrue schemes based on the MQ problem and Quartz. IEICE Trans. Fundam. 99-A, 2527–2538 (2016)Google Scholar
  103. 103.
    E. Tomae, Quo vadis quaternion? Cryptanalysis of Rainbow over non-commutative rings, in SCN’12. LNCS, vol. 7485 (2012), pp. 361–373Google Scholar
  104. 104.
    E. Thomae, C. Wolf, Solving underdetermined systems of multivariate quadratic equations revisited, in PKC’12. LNCS, vol. 7293 (2012), pp. 156–171Google Scholar
  105. 105.
    S. Tsujii, K. Kurosawa, T. Itoh, A. Fujioka, T. Matsumoto, A public-key cryptosystem based on the difficulty of solving a system of non-linear equations. IEICE Trans. Inf. Syst. (Japanese Edition), J69-D, pp. 1963–1970 (1986)Google Scholar
  106. 106.
    S. Tsujii, K. Tadaki, R. Fujita, Proposal for Piece in Hand Matrix: general concept for enhancing security of multivariate public key cryptosystems. IEICE Trans. 90-A, 992–999 (2007)Google Scholar
  107. 107.
    L.C. Wang, B.Y. Yang, Y.H. Hu, F. Lai, A “medium-field" multivariate public-key encryption scheme, in CT-RSA’06. LNCS, vol. 3860 (2006), pp. 132–149Google Scholar
  108. 108.
    B.Y. Yang, J.M. Chen, Building secure tame-like multivariate public-key cryptosystems: the new TTS, in ACISP’05. LNCS, vol. 3574 (2005), pp. 518–531Google Scholar
  109. 109.
    T. Yasuda, K. Sakurai, A security analysis of uniformly-layered rainbow defined over non-commutative rings. Pac. J. Math. Ind. 6, 81–89 (2014)Google Scholar
  110. 110.
    T. Yasuda, K. Sakurai, T. Takagi, Reducing the key size of Rainbow using non-commutative rings, in CT-RSA’12. LNCS, vol. 7178 (2012), pp. 68–83Google Scholar
  111. 111.
    T. Yasuda, T. Takagi, K. Sakurai, Multivariate signature scheme using quadratic forms. in PQCrypto’13. LNCS, vol. 7932 (2013), pp. 243–258Google Scholar
  112. 112.
    T. Yasuda, T. Takagi, K. Sakurai, Security of multivariate signature scheme using non-commutative rings. IEICE Trans. 97-A, 245–252 (2014)Google Scholar
  113. 113.
    T. Yasuda, X. Dahan, Y.-J. Huang, T. Takagi, K, Sakurai, MQ Challenge: hardness evaluation of solving multivariate quadratic problems, in The NIST Workshop on Cybersecurity in a Post-Quantum World, Washington, D.C, April 2–3 (2015),
  114. 114.
    W. Zhang, C.H. Tan, MI-T-HFE, A new multivariate signature scheme, in IMACC’15. LNCS, vol. 9496 (2015), pp. 43–56Google Scholar
  115. 115.
    W. Zhang, C.H. Tan, A secure variant of Yasuda, Takagi and Sakurai’s signature scheme, in Inscryptf15. LNCS, vol. 9589 (2015), pp. 75–89Google Scholar
  116. 116.
    W. Zhang, C.H. Tan, On the security and key generation of the ZHFE encryption scheme, in IWSEC’16. LNCS, vol. 9836 (2016), pp. 289–304Google Scholar

Copyright information

© Springer Nature Singapore Pte Ltd. 2018

Authors and Affiliations

  1. 1.Department of Mathematical SciencesUniversity of the RyukyusOkinawaJapan

Personalised recommendations