Multivariate Cryptography

Past Events

Workshop of Algebraic Geometry in Kyushu for Young Researchers
Kyushu University, Ito campus, Fukuoka, Japan, March 12-14, 2012
English: http://gcoe-mi.jp/english/activity/ac_inner/id:53
Japanese: http://gcoe-mi.jp/activity/ac_inner/id:112

Contents

Books

• 辻井重男, 笠原正雄:
  暗号と情報セキュリティ,
  昭晃堂, 1990.
  
  
• N. Koblitz:
  Algebraic Aspects of Cryptography,
  Springer, 1998.
  
  
• N. コブリッツ著, 林彬訳:
  暗号の代数理論,
  シュプリンガー・フェアラーク東京, 1999.
  
  
• J. Ding, J. E. Gower, and D. Schmidt:
  Multivariate Public Key Cryptosystems,
  Springer, 2006.
  
  
• 辻井重男, 笠原正雄:
  暗号理論と楕円曲線,
  森北出版, 2008.
  
  
• D. J. Bernstein, J. Buchmann, and E. Dahmen:
  Post-Quantum Cryptography,
  Springer, 2009.
  
  
• M. Sala, T. Mora, L. Perret, S. Sakata, and C. Traverso:
  Gröbner Bases, Coding, and Cryptography,
  Springer, 2009.
  
  

Surveys

• C. Wolf:
  Hidden Field Equations - variations and attacks,
  Master's Thesis (Diplomarbeit), Universität Ulm, 2002.
  http://www.christopher-wolf.de/dpl/
  
  
• C. Wolf and B. Preneel:
  Asymmetric Cryptography: Hidden Field Equations,
  Cryptology ePrint Archive, Report 2004/072, August 2005.
  http://eprint.iacr.org/2004/072
  
  
• C. Wolf and B. Preneel:
  Applications of Multivariate Quadratic public key systems,
  Cryptology ePrint Archive, Report 2004/263, August 2005.
  http://eprint.iacr.org/2004/263
  
  
• J. Ding and D. Schmidt:
  Multivariable public--key cryptosystems,
  Cryptology ePrint Archive, Report 2004/350, December 2004.
  http://eprint.iacr.org/2004/350
  
  
• A. T. Feldmann:
  A survey of attacks on multivariate cryptosystems,
  Master's Thesis, University of Waterloo, 2005.
  http://etd.uwaterloo.ca/etd/atfeldma2005.pdf
  
  
• C. Wolf and B. Preneel:
  Taxonomy of public key schemes based on the problem of multivariate quadratic equations,
  Cryptology ePrint Archive, Report 2005/077, December 2005.
  http://eprint.iacr.org/2005/077
  
  
• C. Wolf:
  Multivariate quadratic polynomials in public key cryptography,
  Ph. D. thesis, Katholieke Universiteit Leuven,
  Cryptology ePrint Archive, Report 2005/393, November 2005.
  http://eprint.iacr.org/2005/393
  
  

Challenge Problems

• M. Kleffmann, E. Thomae, and C. Wolf:
  Post-Quantum Cryptography: Unbalanced Oil and Vinegar System - Part 2,
  April 2011.
  http://www.mysterytwisterc3.org/images/challenges/mtc3-wolf-02-uov2-en.pdf
  
  
• H. Dobbertin and P. Felke:
  Mystery Twister 2005 Crypto Challenge 11,
  April 2005.
  http://www-salsa.lip6.fr/~jcf/Papers/CC11_twister.pdf
  
  

Issued Patents

• Adi Shamir:
  Fast signature scheme based on sequentially linearized equations,
  United States Patent, Patent No. 5,263,085, Filing date: November 13, 1992, Issue date: November 16, 1993.
  
  
• Adi Shamir:
  Efficient signature scheme based on birational permutations,
  United States Patent, Patent No. 5,375,170, Filing date: April 19, 1993, Issue date: December 20, 1994.
  
  
• Tzuong-Tsieng Moh:
  Tame automorphism public key system,
  United States Patent, Patent No. 5,740,250, Filing date: August 9, 1996, Issue date: April 14, 1998.
  
  
• Jacques Patarin:
  Cryptographic communication process,
  United States Patent, Patent No. 5,790,675, Filing date: July 24, 1996, Issue date: August 4, 1998.
  
  
• Jacques Patarin:
  Asymmetrical cryptographic communication method and portable object therefore,
  United States Patent, Patent No. 6,111,952, Filing date: September 25, 1997, Issue date: August 29, 2000.
  
  
• Aviad Kipnis, Jacques Patarin, and Louis Goubin:
  Public-key signature methods and systems,
  United States Patent, Patent No. 7,100,051, Filing date: April 19, 2000, Issue date: August 29, 2006
  
  
• Jintai Ding:
  Multivariable cryptosystem,
  United States Patent, Patent No. 7,158,636, Filing date: April 11, 2003, Issue date: January 2, 2007.
  
  
• Koichiro Akiyama and Yasuhiro Goto:
  Key generating apparatus, program, and method,
  United States Patent, Patent No. 7,787,623, Filing date: November 30, 2006, Issue date: August 31, 2010.
  
  
• Koichiro Akiyama and Yasuhiro Goto:
  Digital signature generation apparatus, digital signature verification apparatus, and key generation apparatus,
  United States Patent, Patent No. 7,836,304, Filing date: July 24, 2006, Issue date: November 16, 2010.
  
  
• Jintai Ding:
  Method to produce new multivariate public key cryptosystems,
  United States Patent, Patent No. 7,961,876, Filing date: December 30, 2005, Issue date: June 14, 2011.
  
  
• Farshid Delgosha and Faramarz Fekri:
  Asymmetric cryptosystem employing paraunitary matrices,
  United States Patent, Patent No. 8,019,079, Filing date: July 8, 2007, Issue date: September 13, 2011.
  
  
• Koichiro Akiyama and Yasuhiro Goto:
  Digital signature generation apparatus, digital signature verification apparatus, and key generation apparatus,
  United States Patent, Patent No. 8,046,582, Filing date: October 14, 2010, Issue date: October 25, 2011.
  
  

Recent Results

• E. Thomae and C. Wolf:
  Solving underdetermined systems of multivariate quadratic equations revisited,
  To appear in PKC 2012.
  
  
• K. Sakumoto:
  Public-key identification schemes based on multivariate cubic polynomials,
  To appear in PKC 2012.
  
  
• Y.-J. Huang, F.-H. Liu, and B.-Y. Yang:
  Public-key cryptography from new multivariate quadratic assumptions,
  To appear in PKC 2012.
  
  
• C.-M. Cheng, T. Chou, R. Niederhagen, and B.-Y. Yang:
  Solving quadratic equations with XL on parallel architectures,
  To appear in SHARCS 2012.
  
  
• 辻井重男, 只木孝太郎, 五太子政史, 藤田亮:
  素因数分解の困難性に依拠した TSK 型多変数公開鍵暗号の構成法,
  電子情報通信学会技術研究報告, Vol.111, No.455, IT2011-70, ISEC2011-97, WBS2011-71, pp.149-155, 2012年3月1日〜3月2日, 慶応義塾大学 日吉キャンパス 来往舎, 横浜, 神奈川.
  
  
• M. Kasahara:
  Public key cryptosystems constructed based on Reed-Solomon codes, K(XV)SE(2)PKC, realizing coding rate of exactly 1.0,
  Cryptology ePrint Archive, Report 2012/079, February 2012.
  http://eprint.iacr.org/2012/079
  
  
• T. Yasuda, K. Sakurai, and T. Takagi:
  Reducing the key size of Rainbow using non-commutative rings,
  Proceedings of the Cryptographers' Track at the RSA Conference 2012 (CT-RSA 2012),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.7178, pp.68-83,
  February 27 - March 2, 2012, San Francisco, CA, USA.
  
  
• 小椋直樹, 内山成憲:
  wild 自己同型を利用した高次多変数暗号,
  2012年暗号と情報セキュリティシンポジウム (SCIS2012) 講演予稿, 2A3-2, 2012年1月30日〜2月2日, 金沢エクセルホテル東急, 金沢, 石川.
  
  
• T. Yasuda, J. Ding, T. Takagi, and K. Sakurai:
  Some efficient variants of UOV and Rainbow,
  2012年暗号と情報セキュリティシンポジウム (SCIS2012) 講演予稿, 2A3-3, 2012年1月30日〜2月2日, 金沢エクセルホテル東急, 金沢, 石川.
  
  
• 小椋直樹, 三原千穂, 秋山浩一郎, 三宅秀享, 内山成憲:
  代数曲面上の求セクション問題に対する Wu のアルゴリズムの適用,
  2012年暗号と情報セキュリティシンポジウム (SCIS2012) 講演予稿, 2A3-5, 2012年1月30日〜2月2日, 金沢エクセルホテル東急, 金沢, 石川.
  
  
• 田中哲士, 安田貴徳, 櫻井幸一:
  並列計算と係数体の還元による多変数多項式暗号の効率的実装手法の評価,
  2012年暗号と情報セキュリティシンポジウム (SCIS2012) 講演予稿, 4C2-1, 2012年1月30日〜2月2日, 金沢エクセルホテル東急, 金沢, 石川.
  
  
• 田中哲士, T. Chou, B.-Y. Yang, 櫻井幸一:
  実装手法の違いによる多変数多項式暗号の効率性の評価,
  2012年暗号と情報セキュリティシンポジウム (SCIS2012) 講演予稿, 4C2-2, 2012年1月30日〜2月2日, 金沢エクセルホテル東急, 金沢, 石川.
  
  

Asymmetric Bijective Cryptosystems (ABC), MI (C-star)

Proposals

• T. Matsumoto and H. Imai:
  A class of asymmetric cryptosystems based on polynomials over finite rings,
  1983 IEEE International Symposium on Information Theory, Abstract of Papers, pp.131-132, September 1983.
  
  
• 松本勉, 今井秀樹, 原島博, 宮川洋:
  暗号化変換の自明でない表現を用いる非対称暗号系,
  昭和 58 年度電子通信学会情報・システム部門全国大会講演論文集，S8-5, September 1983.
  
  
• T. Matsumoto, H. Imai, H. Harashima, and H. Miyakawa:
  A cryptographically useful theorem on the connection between uni and multivariate polynomials,
  IECE Trans., Vol.E68, No.3, pp.139-146, March 1985.
  
  
• H. Imai and T. Matsumoto:
  Algebraic methods for constructing asymmetric cryptosystems,
  Proceedings of the 3rd International Conference on Algebraic Algorithms and Error-Correcting Codes (AAECC-3),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.229, pp.108-119,
  July 15-19, 1985, Grenoble, France.
  
  
• T. Matsumoto and H. Imai:
  Public quadratic polynomial-tuples for efficient signature-verification and message-encryption,
  Proceedings of the Workshop on the Theory and Application of Cryptographic Techniques (EUROCRYPT '88),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.330, pp.419-453,
  May 25-27, 1988, Davos, Switzerland.
  
  
• 松本勉, 今井秀樹:
  署名機能と機密保持機能を効率よく実現する多変数多項式タプル非対称暗号系の構成,
  電子情報通信学会論文誌（A）, Vol.J71-A, No.7, pp.1441-1452, July 1988.
  
  

Attacks, Security Analysis

• P. Delsarte, Y. Desmedt, A. M. Odlyzko, and P. Piret:
  Fast cryptanalysis of the Matsumoto-Imai public key scheme,
  Proceedings of the Workshop on the Theory and Application of Cryptographic Techniques (EUROCRYPT '84),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.209, pp.142-149,
  April 9-11, 1984, Paris, France.
  
  
• H. Dobbertin:
  internal reports, Bundesamt für Sicherheit in der Informationstechnik,
  German Federal Office for Information Security, 1993/94.
  
  
• J. Patarin:
  Cryptanalysis of the Matsumoto and Imai public key scheme of Eurocrypt'88,
  Proceedings of the 15th Annual International Cryptology Conference (CRYPTO '95),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.963, pp.248-261,
  August 27-31, 1995, Santa Barbara, CA, USA.
  
  
• J. Patarin:
  Cryptanalysis of the Matsumoto and Imai public key scheme of Eurocrypt'98,
  Designs, Codes and Cryptography, Vol.20, No.2, pp.175-209, June 2000.
  
  
• A. Youssef and G. Gong:
  Cryptanalysis of Imai and Matsumoto scheme B asymmetric cryptosystem,
  Proceedings of the Second International Conference on Cryptology in India (INDOCRYPT 2001),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.2247, pp.214-222,
  December 16-20, 2001, Chennai, India.
  
  
• A. Diene, J. Ding, J. E. Gower, T. J. Hodges, and Z. Yin:
  Dimension of the linearization equations of the Matsumoto-Imai cryptosystems,
  Revised Selected Papers from the International Workshop on Coding and Cryptography (WCC 2005),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.3969, pp.242-251,
  March 14-18, 2005, Bergen, Norway.
  
  
• P.-A. Fouque, G. Macario-Rat, and J. Stern:
  Key recovery on hidden monomial multivariate schemes,
  Proceedings of the 27th Annual International Conference on the Theory and Applications of Cryptographic Techniques (EUROCRYPT 2008),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.4965, pp.19-30,
  April 13-17, 2008, Istanbul, Turkey.
  
  

Hidden Field Equation (HFE)

Proposals

• J. Patarin:
  Hidden Fields Equations (HFE) and Isomorphisms of Polynomials (IP):
  Two new families of asymmetric algorithms,
  Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques (EUROCRYPT '96),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.1070, pp.33-48,
  May 12-16, 1996, Saragossa, Spain.
  
  
• I. Toli:
  Hidden Polynomial Cryptosystems,
  Cryptology ePrint Archive, Report 2003/061, July 2003.
  http://eprint.iacr.org/2003/061
  
  

Attacks, Security Analysis

• A. Kipnis and A. Shamir:
  Cryptanalysis of the HFE public key cryptosystem by relinearization,
  Proceedings of the 19th Annual International Cryptology Conference (CRYPTO '99),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.1666, pp.19-30,
  August 15-19, 1999, Santa Barbara, California, USA.
  
  
• N. Courtois:
  The security of Hidden Field Equations (HFE),
  Proceedings of the Cryptographers' Track at RSA Conference 2001 (CT-RSA 2001),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.2020, pp.266-281,
  April 8-12, 2001, San Francisco, CA, USA.
  
  
• J.-C. Faugère:
  Algebraic cryptanalysis of HFE using Gröbner bases,
  Technical Report RR-4738, INRIA, February 2003.
  http://www-salsa.lip6.fr/~jcf/Papers/RR-4738.pdf
  
  
• I. Toli:
  Cryptanalysis of HFE,
  arXiv:cs/0305034, June 2003.
  http://arxiv.org/abs/cs.CR/0305034
  
  
• J.-C. Faugère and A. Joux:
  Algebraic cryptanalysis of Hidden Field Equation (HFE) cryptosystems using Gröbner bases,
  Proceedings of the 23rd Annual International Cryptology Conference (CRYPTO 2003),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.2729, pp.44-60,
  August 17-21, 2003, Santa Barbara, California, USA.
  
  
• J.-F. Michon, P. Valarcher, and J.-B. Yunès:
  HFE and BDDs: A practical attempt at cryptanalysis,
  Coding, Cryptography and Combinatorics,
  Progress in Computer Science and Applied Logic, Birkhäuser-Verlag, Vol.23, pp.237-246, 2004.
  
  
• V. Dubois, L. Granboulan, and J. Stern:
  An efficient provable distinguisher for HFE,
  Proceedings of the 33rd International Colloquium on Automata, Languages and Programming (ICALP 2006), Part II,
  Lecture Notes in Computer Science, Springer-Verlag, Vol.4052, pp.156-167,
  July 10-14, 2006, Venice, Italy.
  
  
• L. Granboulan, A. Joux, and J. Stern:
  Inverting HFE is quasipolynomial,
  Proceedings of the 26th Annual International Cryptology Conference (CRYPTO 2006),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.4117, pp.345-356,
  August 20-24, 2006, Santa Barbara, California, USA.
  
  
• X. Jiang, J. Ding, and L. Hu:
  Kipnis-Shamir attack on HFE revisited,
  Revised Selected Papers from the Third SKLOIS Conference on Information Security and Cryptology (Inscrypt 2007),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.4990, pp.399-411,
  August 31 - September 5, 2007, Xining, China.
  
  
• J. Ding, D. Schmidt, and F. Werner:
  Algebraic attack on HFE revisited,
  Proceedings of the 11th Information Security Conference (ISC 2008),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.5222, pp.215-227,
  September 15-18, 2008, Taipei, Taiwan.
  
  
• V. Dubois and N. Gama:
  The degree of regularity of HFE systems,
  Proceedings of the 16th International Conference on the Theory and Application of Cryptology and Information Security (ASIACRYPT 2010),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.6477, pp.557-576,
  December 5-9, 2010, Singapore.
  
  
• M. S. E. Mohamed, J. Ding, and J. Buchmann:
  Towards algebraic cryptanalysis of HFE challenge 2,
  Proceedings of the 2011 International Conference on Information Security and Assurance (ISA 2011),
  Communications in Computer and Information Science, Springer-Verlag, Vol.200, pp.123-131,
  August 15-17, 2011, Brno, Czech Republic.
  
  
• J. Ding and T. J. Hodges:
  Inverting HFE systems is quasi-polynomial for all fields,
  Proceedings of the 31st International Cryptology Conference (CRYPTO 2011),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.6841, pp.724-742,
  August 14-18, 2011, Santa Barbara, CA, USA.
  
  

Modified Schemes

Proposals

• J. Patarin, L. Goubin, and N. Courtois:
  $C^{*}_{-+}$ and HM: Variations around two schemes of T. Matsumoto and H. Imai,
  Proceedings of the International Conference on the Theory and Applications of Cryptology and Information Security (ASIACRYPT '98),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.1514, pp.35-49,
  October 18-22, 1998, Beijing, China.
  
  
• J. Patarin, N. Courtois, and L. Goubin:
  QUARTZ, 128-bit long digital signatures,
  Proceedings of the Cryptographers' Track at RSA Conference 2001 (CT-RSA 2001),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.2020, pp.282-297,
  April 8-12, 2001, San Francisco, CA, USA.
  
  
• J. Patarin, N. Courtois, and L. Goubin:
  FLASH, a fast multivariate signature algorithm,
  Proceedings of the Cryptographers' Track at RSA Conference 2001 (CT-RSA 2001),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.2020, pp.298-307,
  April 8-12, 2001, San Francisco, CA, USA.
  
  
• N. T. Courtois, L. Goubin, and J. Patarin:
  SFLASHv3, a fast asymmetric signature scheme,
  Cryptology ePrint Archive, Report 2003/211, October 2005.
  http://eprint.iacr.org/2003/211
  
  
• J. Ding:
  A new variant of the Matsumoto-Imai cryptosystem through perturbation,
  Proceedings of the 7th International Workshop on Theory and Practice in Public Key Cryptography (PKC 2004),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.2947, pp.305-318,
  March 1-4, 2004, Singapore.
  
  
• J. Ding and D. Schmidt:
  Cryptanalysis of HFEv and internal perturbation of HFE,
  Proceedings of the 8th International Workshop on Theory and Practice in Public Key Cryptography (PKC 2005),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.3386, pp.288-301,
  January 23-26, 2005, Les Diablerets, Switzerland.
  
  
• Z. Wu, J. Ding, J. E. Gower, and D.-F. Ye:
  Perturbed hidden matrix cryptosystems,
  Proceedings of the International Conference on Computational Science and Its Applications (ICCSA 2005), Part II,
  Lecture Notes in Computer Science, Springer-Verlag, Vol.3481, pp.595-602,
  May 9-12, 2005, Singapore.
  
  
• J. Ding and J. E. Gower:
  Inoculating multivariate schemes against differential attacks,
  Proceedings of the 9th International Conference on Theory and Practice of Public-Key Cryptography (PKC 2006),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.3958, pp.290-301,
  April 24-26, 2006, New York, NY, USA.
  
  
• A. Gouget and J. Patarin:
  Probabilistic multivariate cryptography,
  Revised Selected Papers from the First International Conference on Cryptology in Vietnam (VIETCRYPT 2006),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.4341, pp.1-18,
  September 25-28, 2006, Hanoi, Vietnam.
  
  
• J. Ding, B.-Y. Yang, C.-M. Cheng, O. Chen, and V. Dubois:
  Breaking the symmetry: A way to resist the new differential attack,
  Cryptology ePrint Archive, Report 2007/366, September 2007.
  http://eprint.iacr.org/2007/366
  
  
• Z. Wang, X. Nie, S. Zheng, Y. Yang, and Z. Zhang:
  A new construction of multivariate public key encryption scheme through internally perturbed plus,
  Proceedings of the 2008 International Conference on Computational Science and Its Applications (ICCSA 2008), Part II,
  Lecture Notes in Computer Science, Springer-Verlag, Vol.5073, pp.1-13,
  June 30 - July 3, 2008, Perugia, Italy.
  
  
• J. Ding, V. Dubois, B.-Y. Yang, C.-H. Owen Chen, and C.-M. Cheng:
  Could SFLASH be repaired?
  Proceedings of the 35th International Colloquium on Automata, Languages and Programming (ICALP 2008), Part II,
  Lecture Notes in Computer Science, Springer-Verlag, Vol.5126, pp.691-701,
  July 7-11, 2008, Reykjavik, Iceland.
  
  
• 五太子政史, 辻井重男:
  多変数公開鍵暗号の Internal Perturbation 改良の検討 ― PMI を例として ―,
  電子情報通信学会技術研究報告, Vol.109, No.337, ISEC2009-78, 2009, pp.51-55, 2009年12月16日, 機械振興会館, 東京.
  
  
• 五太子政史, 辻井重男:
  Perturbed Matsumoto-Imai Cryptosystem の最適化に関する検討,
  2010年暗号と情報セキュリティシンポジウム (SCIS2010) 講演予稿, 3B4-5, 2010年1月19日〜1月22日, 高松, 香川.
  
  
• M. Gotaishi, K. Tadaki, R. Fujita, and S. Tsujii:
  Dually-perturbed Matsumoto-Imai signature (DPMS) scheme,
  IEICE Trans. Fundamentals, Vol.E93-A, No.6, pp.1078-1085, June 2010.
  
  

Attacks, Security Analysis

• H. Gilbert and M. Minier:
  Cryptanalysis of SFLASH,
  Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques (EUROCRYPT 2002),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.2332, pp.288-298,
  April 28 - May 2, 2002, Amsterdam, The Netherlands.
  
  
• N. T. Courtois, M. Daum, and P. Felke:
  On the security of HFE, HFEv- and Quartz,
  Proceedings of the 6th International Workshop on Practice and Theory in Public Key Cryptosystems (PKC 2003),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.2567, pp.337-350,
  January 6-8, 2003, Miami, FL, USA.
  
  
• N. T. Courtois:
  Generic attacks and the security of Quartz,
  Proceedings of the 6th International Workshop on Practice and Theory in Public Key Cryptosystems (PKC 2003),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.2567, pp.351-364,
  January 6-8, 2003, Miami, FL, USA.
  
  
• N. T. Courtois:
  Algebraic attacks over GF(2$^k$), application to HFE challenge 2 and Sflash-v2,
  Proceedings of the 7th International Workshop on Theory and Practice in Public Key Cryptography (PKC 2004),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.2947, pp.201-217,
  March 1-4, 2004, Singapore.
  
  
• J. Ding and D. Schmidt:
  Cryptanalysis of SFlash v3,
  Cryptology ePrint Archive, Report 2004/103, May 2004.
  http://eprint.iacr.org/2004/103
  
  
• P.-A. Fouque, L. Granboulan, and J. Stern:
  Differential cryptanalysis for multivariate schemes,
  Proceedings of the 24th Annual International Conference on the Theory and Applications of Cryptographic Techniques (EUROCRYPT 2005),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.3494, pp.341-353,
  May 22-26, 2005, Aarhus, Denmark.
  
  
• J. Ding, J. E. Gower, D. Schmidt, C. Wolf, and Z. Yin:
  Complexity estimates for the F$_4$ attack on the perturbed Matsumoto-Imai cryptosystem,
  Proceedings of the 10th IMA International Conference on Cryptography and Coding,
  Lecture Notes in Computer Science, Springer-Verlag, Vol.3796, pp.262-277,
  December 19-21, 2005, Cirencester, UK.
  
  
• V. Dubois, L. Granboulan, and J. Stern:
  Cryptanalysis of HFE with internal perturbation,
  Proceedings of the 10th International Conference on Theory and Practice of Public-Key Cryptography (PKC 2007),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.4450, pp.249-265,
  April 16-20, 2007, Beijing, China.
  
  
• V. Dubois, P.-A. Fouque, and J. Stern:
  Cryptanalysis of SFLASH with slightly modified parameters,
  Proceedings of the 26th Annual International Conference on the Theory and Applications of Cryptographic Techniques (EUROCRYPT 2007),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.4515, pp.264-275,
  May 20-24, 2007, Barcelona, Spain.
  
  
• V. Dubois, P.-A. Fouque, A. Shamir, and J. Stern:
  Practical cryptanalysis of SFLASH,
  Proceedings of the 27th Annual International Cryptology Conference (CRYPTO 2007),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.4622, pp.1-12,
  August 19-23, 2007, Santa Barbara, CA, USA.
  
  
• 小椋直樹, 内山成憲, 中村憲:
  SFLASH 署名方式への攻撃法の実装について,
  2008年暗号と情報セキュリティシンポジウム (SCIS2008) 講演予稿, 3B1-2, 2008年1月22日〜1月25日, フェニックス・シーガイア・リゾート, 宮崎.
  
  
• W. Cao and L. Hu:
  Cryptanalysis of a multivariate public key encryption scheme with internal perturbation structure,
  Revised Selected Papers from the 10th International Workshop on Information Security Applications (WISA 2009),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.5932, pp.254-267,
  August 25-27, 2009, Busan, Korea.
  
  
• J.-C. Faugère, A. Joux, L. Perret, and J. Treger:
  Cryptanalysis of the Hidden Matrix cryptosystem,
  Proceedings of the First International Conference on Cryptology and Information Security in Latin America (LATINCRYPT 2010),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.6212, pp.241-254,
  August 8-11, 2010, Puebla, Mexico.
  
  
• D. Smith-Tone:
  Properties of the discrete differential with cryptographic applications,
  Proceedings of the Third International Workshop on Post-Quantum Cryptography (PQCrypto 2010),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.6061, pp.1-12,
  May 25-28, 2010, Darmstadt, Germany.
  
  
• J. Ding and T. Kleinjung:
  Degree of regularity for HFE-,
  Cryptology ePrint Archive, Report 2011/570, October 2011.
  http://eprint.iacr.org/2011/570
  
  
• D. Smith-Tone:
  On the differential security of multivariate public key cryptosystems,
  Proceedings of the 4th International Workshop on Post-Quantum Cryptography (PQCrypto 2011),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.7071, pp.130-142,
  November 29 - December 2, Taipei, Taiwan.
  
  
• C. Bouillaguet, P.-A. Fouque, and G. Macario-Rat:
  Practical key-recovery for all possible parameters of SFLASH,
  Proceedings of the 17th International Conference on the Theory and Application of Cryptology and Information Security (ASIACRYPT 2011),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.7073, pp.667-685,
  December 4-8, 2011, Seoul, South Korea.
  
  

$\ell$-Invertible Cycles ($\ell$-IC)

Proposals

• J. Ding, C. Wolf, and B.-Y. Yang:
  $\ell$-Invertible Cycles for Multivariate Quadratic (MQ) public key cryptography,
  Proceedings of the 10th International Conference on Theory and Practice of Public-Key Cryptography (PKC 2007),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.4450, pp.266-281,
  April 16-20, 2007, Beijing, China.
  
  

Attacks, Security Analysis

• 宮澤俊之, 星野文学, 小林鉄太郎:
  多変数非線形方程式に基づく署名方式 3IC- の安全性解析,
  2008年暗号と情報セキュリティシンポジウム (SCIS2008) 講演予稿, 3B1-1, 2008年1月22日〜1月25日, フェニックス・シーガイア・リゾート, 宮崎.
  
  
• P.-A. Fouque, G. Macario-Rat, L. Perret, and J. Stern:
  Total break of the $\ell$-IC signature scheme,
  Proceedings of the 11th International Workshop on Practice and Theory in Public-Key Cryptography (PKC 2008),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.4939, pp.1-17,
  March 9-12, 2008, Barcelona, Spain.
  
  
• N. Ogura and S. Uchiyama:
  Remarks on the attack of Fouque et al. against the $\ell$IC scheme,
  Proceedings of the Third International Workshop on Security (IWSEC 2008),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.5312, pp.34-48,
  November 25-27, 2008, Kagawa, Japan.
  
  
• N. Ogura and S. Uchiyama:
  On Patarin's attack against the $\ell$IC scheme,
  IEICE Trans. Fundamentals, Vol.E93-A, No.1, pp.34-41, January 2010.
  
  

Odd characteristic

Proposals

• J. Baena, C. Clough, and J. Ding:
  Square-Vinegar signature scheme,
  Proceedings of the Second International Workshop on Post-Quantum Cryptography (PQCrypto 2008),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.5299, pp.17-30,
  October 17-19, 2008, Cincinnati, OH, USA.
  
  
• A. I.-T. Chen, M.-S. Chen, T.-R. Chen, C.-M. Cheng, J. Ding, E. L.-H. Kuo, F. Y.-S. Li, and B.-Y. Yang:
  Small odd prime field multivariate PKCs,
  Cryptology ePrint Archive, Report 2008/498, December 2008.
  http://eprint.iacr.org/2008/498
  
  
• C.-H. Owen Chen, M.-S. Chen, J. Ding, F. Werner, and B.-Y. Yang:
  Odd-char multivariate Hidden Field Equations,
  Cryptology ePrint Archive, Report 2008/543, December 2008.
  http://eprint.iacr.org/2008/543
  
  
• C. Clough, J. Baena, J. Ding, B.-Y. Yang, and M.-S. Chen:
  Square, a new multivariate encryption scheme,
  Proceedings of the Cryptographers' Track at the RSA Conference 2009 (CT-RSA 2009),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.5473, pp.252-264,
  April 20-24, 2009, San Francisco, CA, USA.
  
  
• C. L. Clough and J. Ding:
  Secure variants of the Square encryption scheme,
  Proceedings of the Third International Workshop on Post-Quantum Cryptography (PQCrypto 2010),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.6061, pp.153-164,
  May 25-28, 2010, Darmstadt, Germany.
  
  
• J. B. Baena, C. L. Clough, and J. Ding:
  New variants of the Square-Vinegar signature scheme,
  Revista Colombiana de Matemáticas, Vol.45, No.2, pp.147-166, 2011.

Attacks, Security Analysis

• O. Billet and G. Macario-Rat:
  Cryptanalysis of the Square cryptosystems,
  Proceedings of the 15th International Conference on the Theory and Application of Cryptology and Information Security (ASIACRYPT 2009),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.5912, pp.451-468,
  December 6-10, 2009, Tokyo, Japan.
  
  
• M. Gotaishi:
  Cryptanalysis of Double-Layer Square,
  電子情報通信学会技術研究報告, Vol.110, No.200, ISEC2010-45, pp.41-45, 2010年9月10日, 機械振興会館, 東京.
  
  
• L. Bettale, J.-C. Faugère, and L. Perret:
  Cryptanalysis of multivariate and odd-characteristic HFE variants,
  Proceedings of the 14th International Conference on Practice and Theory in Public Key Cryptography (PKC 2011),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.6571, pp.441-458,
  March 6-9, 2011, Taormina, Italy.
  
  
• E. Thomae and C. Wolf:
  Roots of Square: Cryptanalysis of Double-Layer Square and Square+,
  Proceedings of the 4th International Workshop on Post-Quantum Cryptography (PQCrypto 2011),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.7071, pp.83-97,
  November 29 - December 2, Taipei, Taiwan.
  
  
• J. Ding:
  Inverting the Square systems is exponential,
  Cryptology ePrint Archive, Report 2011/275, September 2011.
  http://eprint.iacr.org/2011/275
  
  

Hidden Pair of Bijection

• 五太子政史, 辻井重男:
  相補型 MPKC 役割交代型署名の提案,
  電子情報通信学会技術研究報告, Vol.110, No.443, IT2010-126, ISEC2010-130, WBS2010-105, pp.383-388, 2011年3月3日〜3月4日, 大阪大学.
  
  
• M. Gotaishi and S. Tsujii:
  Hidden Pair of Bijection signature scheme,
  Cryptology ePrint Archive, Report 2011/353, July 2011.
  http://eprint.iacr.org/2011/353
  
  
• 五太子政史, 辻井重男:
  多変数公開鍵暗号による署名方式 Hidden Pair of Bijection 第二報 〜 セキュリティの検討 〜,
  電子情報通信学会技術研究報告, Vol.111, No.285, ISEC2011-42, LOIS2011-36, pp.55-60, 2011年11月14日〜11月15日, 大阪電気通信大学, 大阪.
  
  
• M. Gotaishi:
  Hidden Pair of Bijection Signature (Part II),
  Recent-Results Session at the fourth international workshop on Post-Quantum Cryptography (PQCrypto 2011), November 29-December 2, 2011, Taipei, Taiwan.
  
  

Sequential Solution Method

Proposals

• 辻井重男:
  非線形連立方程式の順序解法を利用する公開鍵暗号方式,
  情報理論とその応用研究会, 第 8 回シンポジウム資料, pp.156-157, December 1985.
  
  
• 辻井重男, 黒澤馨, 伊東利哉, 藤岡淳, 松本勉:
  非線形連立方程式の順序解法による公開鍵暗号方式,
  電子通信学会論文誌（D）, Vol.J69-D, No.12, pp.1963-1970, December 1986.
  
  
• A. Shamir:
  Efficient signature schemes based on birational permutations,
  Proceedings of the 13th International Cryptology Conference (CRYPTO '93),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.773, pp.1-12,
  August 22-26, 1993, Santa Barbara, CA, USA.
  
  

Attacks, Security Analysis

• 岡本栄司, 中村勝洋:
  最近提案された公開鍵暗号系の評価,
  第 3 回暗号と情報セキュリティ・シンポジウム (SCIS1986) 資料, February 1986.
  
  
• 長谷川栄, 金子敏信:
  非線形連立方程式の順序解法による公開鍵暗号方式の攻撃法,
  第 10 回情報理論とその応用シンポジウム資料, JA5-3, November 1987.
  
  
• D. Coppersmith, J. Stern, and S. Vaudenay:
  Attacks on the birational permutation signature schemes,
  Proceedings of the 13th International Cryptology Conference (CRYPTO '93),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.773, pp.435-443,
  August 22-26, 1993, Santa Barbara, CA, USA.
  
  
• D. Coppersmith, J. Stern, and S. Vaudenay:
  The security of the birational permutation signature schemes,
  Journal of Cryptology, Vol.10, No.3, pp.207-221, July 1997.
  
  
• N. Ogura and S. Uchiyama:
  Cryptanalysis of the birational permutation signature scheme over a non-commutative ring,
  Cryptology ePrint Archive, Report 2009/245, May 2009.
  http://eprint.iacr.org/2009/245
  
  

Tame Transformation Method (TTM)

Proposals

• T.-T. Moh:
  A public key system with signature and master key functions,
  Communications in Algebra, Vol.27, No.5, pp.2207-2222, 1999.
  
  
• C.-Y. Chou, D.-J. Guan, and J.-M. Chen:
  A systematic construction of a $Q_{2^k}$-module in TTM,
  Communications in Algebra, Vol.30, No.2, pp.551-562, 2002.
  
  
• L.-C. Wang and F.-H. Chang:
  Square-free $Q_k$ components in TTM,
  Taiwanese Journal of Mathematics, Vol.7, No.4, pp.615-629, December 2003.
  
  
• T. Moh, J.-M. Chen, and B. Yang:
  Building instances of TTM immune to the Goubin-Courtois attack and the Ding-Schmidt attack,
  Cryptology ePrint Archive, Report 2004/168, July 2004.
  http://eprint.iacr.org/2004/168
  
  
• T. Moh:
  Two new examples of TTM,
  Cryptology ePrint Archive, Report 2007/144, April 2007.
  http://eprint.iacr.org/2007/144
  
  

Attacks, Security Analysis

• L. Goubin and N. Courtois:
  Cryptanalysis of the TTM cryptosystem,
  Proceedings of the 6th International Conference on the Theory and Applications of Cryptology and Information Security (ASIACRYPT 2000),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.1976, pp.44-57,
  December 3-7, 2000, Kyoto, Japan.
  
  
• T. Moh:
  On the method of "XL" and its inefficiency to TTM,
  Cryptology ePrint Archive, Report 2001/047, June 2001.
  http://eprint.iacr.org/2001/047
  
  
• T. Moh and J.-M. Chen:
  On the Goubin-Courtois attack on TTM,
  Cryptology ePrint Archive, Report 2001/072, July 2002.
  http://eprint.iacr.org/2001/072
  
  
• J. Ding and T. Hodges:
  Cryptanalysis of an implementation scheme of the tamed transformation method cryptosystem,
  Journal of Algebra and its Applications, Vol.3, No.3, pp.273-282, 2004.
  
  
• J. Ding and D. Schmidt:
  The new implementation schemes of the TTM cryptosystem are not secure,
  Coding, Cryptography and Combinatorics,
  Progress in Computer Science and Applied Logic, Birkhäuser-Verlag, Vol.23, pp.113-127, 2004.
  
  
• X. Nie, L. Hu, J. Li, C. Updegrove, and J. Ding:
  Breaking a new instance of TTM cryptosystems,
  Proceedings of the 4th International Conference on Applied Cryptography and Network Security (ACNS 2006),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.3989, pp.210-225,
  June 6-9, 2006, Singapore.
  
  
• T. Moh:
  The recent attack of Nie et al on TTM is faulty,
  Cryptology ePrint Archive, Report 2006/417, November 2006.
  http://eprint.iacr.org/2006/417
  
  
• X. Nie, X. Jiang, L. Hu, J. Ding, and F. Zhang:
  Breaking instance I of new TTM cryptosystems,
  Proceedings of the 2008 International Conference on Communications, Circuits and Systems (ICCCAS 2008), pp.493-497,
  May 25-27, 2008, Xiamen, Fujian, China.
  
  
• X. Nie, X. Jiang, L. Hu, J. Ding, and Z. Qin:
  Breaking instance II of new TTM cryptosystems,
  Proceedings of the 2008 International Conference on Intelligent Information Hiding and Multimedia Signal Processing (IIH-MSP 2008), pp.1332-1335,
  August 15-17, 2008, Harbin, China.
  
  

Tame Transformation Signature (TTS)

Proposals

• J.-M. Chen and B.-Y. Yang:
  A more secure and efficacious TTS signature scheme,
  Revised Papers from the 6th International Conference on Information Security and Cryptology (ICISC 2003),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.2971, pp.320-338,
  November 27-28, 2003, Seoul, Korea.
  
  
• B.-Y. Yang and J.-M. Chen:
  TTS: Rank attacks in tame-like multivariate PKCs,
  Cryptology ePrint Archive, Report 2004/061, November 2004.
  http://eprint.iacr.org/2004/061
  
  
• B.-Y. Yang, J.-M. Chen, and Y.-H. Chen:
  TTS: High-speed signatures on a low-cost smart card,
  Proceedings of the 6th International Workshop on Cryptographic Hardware and Embedded Systems (CHES 2004),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.3156, pp.371-385,
  August 11-13, 2004, Cambridge, MA, USA.
  
  
• B.-Y. Yang and J.-M. Chen:
  Building secure tame-like multivariate public-key cryptosystems: The new TTS,
  Proceedings of the 10th Australasian Conference on Information Security and Privacy (ACISP 2005),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.3574, pp.518-531,
  July 4-6, 2005, Brisbane, Australia.
  
  

Attacks, Security Analysis

• J. Ding, D. Schmidt, and Z. Yin:
  Cryptanalysis of the new TTS scheme in CHES 2004,
  International Journal of Information Security, Vol.5, No.4, pp.231-240, October 2006.
  
  

Random (Singular) Simultaneous Equations (R(S)SE),
Stepwise Triangular Systems (STS)

Proposals

• 笠原正雄, 境隆一:
  新しい公開鍵暗号の原理とその一実現法,
  電子情報通信学会技術研究報告, Vol.100, No.421, ISEC2000-92, pp.97-104, 2000年11月13日, 機械振興会館, 東京.
  
  
• M. Kasahara and R. Sakai:
  A construction of public key cryptosystem for realizing ciphertext of size 100 bit and digital signature scheme,
  IEICE Trans. Fundamentals, Vol.E87-A, No.1, pp.102-109, January 2004.
  
  
• M. Kasahara and R. Sakai:
  A construction of public-key cryptosystem based on singular simultaneous equations,
  IEICE Trans. Fundamentals, Vol.E88-A, No.1, pp.74-80, January 2005.
  
  
• M. Kasahara and R. Sakai:
  A construction of public-key cryptosystem based on singular simultaneous equations and its variants,
  電子情報通信学会技術研究報告, Vol.105, No.51, ISEC2005-7, pp.37-42, 2005年5月18日, 機械振興会館, 東京.
  
  
• M. Kasahara and R. Sakai:
  A construction of public key cryptosystem with large keys over $F_{2^m}$ and small keys over $F_2$,
  2007年暗号と情報セキュリティシンポジウム (SCIS2007) 講演予稿, 3C2-3, 2007年1月23日〜1月26日, ハウステンボス・ユトレヒト, 長崎.
  
  
• S. Tsujii, M. Gotaishi, K. Tadaki, and R. Fujita:
  Proposal of a signature scheme based on STS trapdoor,
  Proceedings of the Third International Workshop on Post-Quantum Cryptography (PQCrypto 2010),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.6061, pp.201-217,
  May 25-28, 2010, Darmstadt, Germany.
  
  
• 辻井重男, 五太子政史:
  多変数公開鍵暗号による検証方程式を付加したデジタル署名方式の提案,
  電子情報通信学会技術研究報告, Vol.110, No.113, ISEC2010-23, pp.107-112, 2010年7月1日〜7月2日, 弘前大学, 青森.
  
  
• 境隆一, 笠原正雄:
  ランダムな正則 2 次変換の生成と多次多変数公開鍵暗号,
  2011年暗号と情報セキュリティシンポジウム (SCIS2011) 講演予稿, 3A3-6, 2011年1月25日〜1月28日, リーガロイヤルホテル小倉, 福岡.
  
  
• 辻井重男, 五太子政史:
  相補型 STS-MPKC 方式による組織対応型公開鍵暗号の提案,
  2011年暗号と情報セキュリティシンポジウム (SCIS2011) 講演予稿, 2A4-2, 2011年1月25日〜1月28日, リーガロイヤルホテル小倉, 福岡.
  
  

Attacks, Security Analysis

• 光成滋生, 渡辺秀行, 境隆一, 笠原正雄:
  多次多変数暗号の安全性について,
  電子情報通信学会技術研究報告, Vol.102, No.71, ISEC2002-8, pp.45-48, 2002年5月22日, 機械振興会館, 東京.
  
  
• C. Wolf, A. Braeken, and B. Preneel:
  Efficient cryptanalysis of RSE(2)PKC and RSSE(2)PKC,
  Proceedings of the 4th International Conference on Security in Communication Networks 2004 (SCN 2004),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.3352, pp.294-309,
  September 8-10, 2004, Amalfi, Italy.
  
  
• C. Wolf, A. Braeken, and B. Preneel:
  On the security of stepwise triangular systems,
  Designs, Codes and Cryptography, Vol.40, No.3, pp.285-302, September 2006.
  
  
• 藤田亮:
  rSTS 型多変数公開鍵暗号のグレブナ基底計算を用いた代数攻撃に対する安全性解析,
  2010年暗号と情報セキュリティシンポジウム (SCIS2010) 講演予稿, 3A3-3, 2010年1月19日〜1月22日, 高松, 香川.
  
  
• R. Fujita:
  Security analysis of rSTS type multivariate public key cryptosystems against algebraic attack using Gröbner bases,
  Recent Results Session at the third international workshop on Post-Quantum Cryptography (PQCrypto 2010), May 25-28, 2010, Darmstadt, Germany.
  
  
• 五太子政史, 辻井重男:
  多変数公開鍵暗号に対するランク攻撃の拡張,
  電子情報通信学会技術研究報告, Vol.110, No.200, ISEC2010-44, pp.35-40, 2010年9月10日, 機械振興会館, 東京.
  
  
• M. Gotaishi:
  Improvement of the low rank attack,
  Proceedings of 2010 International Symposium on Information Theory and its Applications (ISITA2010), pp.441-445, October 17-20, 2010, Taichung, Taiwan.
  
  
• 只木孝太郎, 辻井重男:
  ランク攻撃の厳密解析 I,
  日本応用数理学会論文誌, Vol.21, No.1, pp.89-102, March 2011.
  
  

Tractable Rational Map, Medium Field Equation (MFE)

Proposals

• L.-C. Wang and F.-H. Chang:
  Revision of tractable rational map cryptosystem,
  Cryptology ePrint Archive, Report 2004/046, December 2006.
  http://eprint.iacr.org/2004/046
  
  
• L.-C. Wang, Y.-H. Hu, F. Lai, C.-Y. Chou, and B.-Y. Yang:
  Tractable rational map signature,
  Proceedings of the 8th International Workshop on Theory and Practice in Public Key Cryptography (PKC 2005),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.3386, pp.244-257,
  January 23-26, 2005, Les Diablerets, Switzerland.
  
  
• L.-C. Wang, B.-Y. Yang, Y.-H. Hu, and F. Lai:
  A "medium-field" multivariate public-key encryption scheme,
  Proceedings of the Cryptographers' Track at the RSA Conference 2006 (CT-RSA 2006),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.3860, pp.132-149,
  February 13-17, 2005, San Jose, CA, USA.
  
  
• X. Wang and X. Wang:
  An improved medium field multivariate public key cryptosystem,
  Proceedings of the 2008 International Conference on Convergence and Hybrid Information Technology (ICCIT 2008), Vol.2, pp.1120-1124,
  November 11-13, 2008, Busan, Korea.
  
  
• X. Wang, F. Feng, X. Wang, and Q. Wang:
  A more secure MFE multivariate public key encryption scheme,
  International Journal of Computer Science and Applications, Vol.6, No.3, pp.1-9, June 2009.
  
  
• J. Huang, B. Wei, and H. Ou:
  An improved MFE scheme resistant against SOLE attacks,
  Proceedings of the First Asia Pacific Conference on Postgraduate Research in Microelectronics and Electronics (PrimeAsia 2009), pp.157-160,
  November 19-21, 2009, Shanghai, China.
  
  
• H. Tao and Y. Chen:
  An improved medium-field multivariate public-key encryption scheme,
  Proceedings of the 2009 International Conference on Computational Intelligence and Software Engineering (CiSE 2009),
  December 11-13, 2009, Wuhan, China.
  
  
• L. Tian and W. Bao:
  A medium field multivariate public key signature scheme with external perturbation,
  Proceedings of the Third International Symposium on Intelligent Information Technology and Security Informatics (IITSI 2010), pp.753-757,
  April 2-4, 2010, Jinggangshan, China.
  
  
• S. Gao and R. Heindl:
  Multivariate public key cryptosystems from Diophantine equations,
  Designs, Codes and Cryptography, Published online, 2 November 2011.
  
  

Attacks, Security Analysis

• A. Joux, S. Kunz-Jacques, F. Muller, and P.-M. Ricordel:
  Cryptanalysis of the tractable rational map cryptosystem,
  Proceedings of the 8th International Workshop on Theory and Practice in Public Key Cryptography (PKC 2005),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.3386, pp.258-274,
  January 23-26, 2005, Les Diablerets, Switzerland.
  
  
• J. Ding, L. Hu, X. Nie, J. Li, and J. Wagner:
  High Order Linearization Equation (HOLE) attack on multivariate public key cryptosystems,
  Proceedings of the 10th International Conference on Theory and Practice of Public-Key Cryptography (PKC 2007),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.4450, pp.233-248,
  April 16-20, 2007, Beijing, China.
  
  
• X. Nie, L. Hu, J. Ding, J. Li, and J. Wagner:
  Cryptanalysis of the TRMC-4 public key cryptosystem,
  Proceedings of the 5th International Conference on Applied Cryptography and Network Security (ACNS 2007),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.4521, pp.104-115,
  June 5-8, 2007, Zhuhai, China.
  
  
• L. Bettale, J.-C. Faugère, and L. Perret:
  Cryptanalysis of the TRMS signature scheme of PKC'05,
  Proceedings of the First International Conference on Cryptology in Africa (AFRICACRYPT 2008),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.5023, pp.143-155,
  June 11-14, 2008, Casablanca, Morocco.
  
  
• W. Cao, X. Nie, L. Hu, X. Tang, and J. Ding:
  Cryptanalysis of two quartic encryption schemes and one improved MFE scheme,
  Proceedings of the Third International Workshop on Post-Quantum Cryptography (PQCrypto 2010),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.6061, pp.41-60,
  May 25-28, 2010, Darmstadt, Germany.
  
  
• X. Nie, Z. Xu, L. Lu, and Y. Liao:
  Security analysis of an improved MFE public key cryptosystem,
  Proceedings of the 10th International Conference on Cryptology and Network Security (CANS 2011),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.7092, pp.118-125,
  December 10-12, 2011, Sanya, China.
  
  

2R

Proposals

• 辻井重男, 藤岡淳, 平山裕介:
  順序解法の一般化による公開鍵暗号系,
  電子情報通信学会論文誌（A）, Vol.J72-A, No.2, pp.390-397, February 1989.
  [English version:
  S. Tsujii, A. Fujioka, and Y. Hirayama:
  Generalization of the public-key cryptosystem based on the difficulty of solving a system of non-linear equations,
  included in an appendix of the paper http://eprint.iacr.org/2004/366]
  
  
• J. Patarin and L. Goubin:
  Trapdoor one-way permutations and multivariate polynomials,
  Proceedings of the First International Conference on Information and Communications Security (ICICS '97),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.1334, pp.356-368,
  November 11-14, 1997, Beijing, China.
  
  
• J. Patarin and L. Goubin:
  Asymmetric cryptography with S-boxes,
  Proceedings of the First International Conference on Information and Communications Security (ICICS '97),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.1334, pp.369-380,
  November 11-14, 1997, Beijing, China.
  

Attacks

• D.-F. Ye, K.-Y. Lam, and Z.-D. Dai:
  Cryptanalysis of "2R" schemes,
  Proceedings of the 19th Annual International Cryptology Conference (CRYPTO '99),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.1666, pp.315-325,
  August 15-19, 1999, Santa Barbara, California, USA.
  
  
• E. Biham:
  Cryptanalysis of Patarin's 2-Round public key system with S boxes (2R),
  Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques (EUROCRYPT 2000),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.1807, pp.408-416,
  May 14-18, 2000, Bruges, Belgium.
  
  
• J.-C. Faugère and L. Perret:
  Cryptanalysis of 2R$^-$ schemes,
  Proceedings of the 26th Annual International Cryptology Conference (CRYPTO 2006),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.4117, pp.357-372,
  August 20-24, 2006, Santa Barbara, California, USA.
  
  
• J. Ding and J. Wagner:
  Cryptanalysis of rational multivariate public key cryptosystems,
  Proceedings of the Second International Workshop on Post-Quantum Cryptography (PQCrypto 2008),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.5299, pp.124-136,
  October 17-19, 2008, Cincinnati, OH, USA.
  
  

Dragon

Proposals

• J. Patarin:
  Asymmetric cryptography with a hidden monomial,
  Proceedings of the 16th Annual International Cryptology Conference (CRYPTO '96),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.1109, pp.45-60,
  August 18-22, 1996, Santa Barbara, CA, USA.
  
  
• R. P. Singh, B. K. Sarma, and A. Saikia:
  Public key cryptography using permutation p-polynomials over finite fields,
  Cryptology ePrint Archive, Report 2009/208, June 2009.
  http://eprint.iacr.org/2009/208
  
  
• R. P. Singh, A. Saikia, and B. K. Sarma:
  Little Dragon two: An efficient multivariate public key cryptosystem,
  Cryptology ePrint Archive, Report 2009/488, October 2009.
  http://eprint.iacr.org/2009/488
  
  
• R. P. Singh, A. Saikia, and B. K. Sarma:
  Poly-Dragon: An efficient multivariate public key cryptosystem,
  Cryptology ePrint Archive, Report 2009/587, December 2009.
  http://eprint.iacr.org/2009/587
  
  

Attacks, Security Analysis

• J. Buchmann, S. Bulygin, J. Ding, W. S. A. E. Mohamed, and F. Werner:
  Practical algebraic cryptanalysis for dragon-based cryptosystems,
  Proceedings of the 9th International Conference on Cryptology and Network Security (CANS 2010),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.6467, pp.140-155,
  December 12-14, 2010, Kuala Lumpur, Malaysia.
  
  

Unbalanced Oil and Vinegar (UOV)

Proposals

• A. Kipnis, J. Patarin, and L. Goubin:
  Unbalanced oil and vinegar signature schemes,
  Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques (EUROCRYPT '99),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.1592, pp.206-222,
  May 2-6, 1999, Prague, Czech Republic.
  
  
• A. Petzoldt, S. Bulygin, and J. Buchmann:
  Linear recurring sequences for the UOV key generation,
  Proceedings of the 14th International Conference on Practice and Theory in Public Key Cryptography (PKC 2011),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.6571, pp.335-350,
  March 6-9, 2011, Taormina, Italy.
  
  

Attacks, Security Analysis

• A. Kipnis and A. Shamir:
  Cryptanalysis of the oil and vinegar signature scheme,
  Proceedings of the 18th Annual International Cryptology Conference (CRYPTO '98),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.1462, pp.257-266,
  August 23-27, 1998, Santa Barbara, CA, USA.
  
  
• A. Braeken, C. Wolf, and B. Preneel:
  A study of the security of unbalanced oil and vinegar signature schemes,
  Proceedings of the Cryptographers' Track at the RSA Conference 2005 (CT-RSA 2005),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.3376, pp.29-43,
  February 14-18, 2005, San Francisco, CA, USA.
  
  
• Y.-H. Hu, C.-Y. Chou, L.-C. Wang, and F. Lai:
  Cryptanalysis of variants of UOV,
  Proceedings of the 9th Information Security Conference (ISC 2006),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.4176, pp.161-170,
  August 30 - September 2, 2006, Samos Island, Greece.
  
  
• S. Bulygin, A. Petzoldt, and J. Buchmann:
  Towards provable security of the unbalanced oil and vinegar signature scheme under direct attacks,
  Proceedings of the 11th International Conference on Cryptology in India (INDOCRYPT 2010),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.6498, pp.17-32,
  December 12-15, 2010, Hyderabad, India.
  
  
• W. Cao, L. Hu, J. Ding, and Z. Yin:
  Kipnis-Shamir attack on unbalanced oil-vinegar scheme,
  Proceedings of the 7th International Conference on Information Security Practice and Experience (ISPEC 2011),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.6672, pp.168-180,
  May 30 - June 1, 2011, Guangzhou, China.
  
  

Rainbow

Proposals

• J. Ding and D. Schmidt:
  Rainbow, a new multivariable polynomial signature scheme,
  Proceedings of the Third International Conference on Applied Cryptography and Network Security (ACNS 2005),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.3531, pp.164-175,
  June 7-10, 2005, New York, NY, USA.
  
  
• J. Ding, L. Hu, B.-Y Yang, and J.-M. Chen:
  Note on design criteria for Rainbow-type multivariates,
  Cryptology ePrint Archive, Report 2006/307, April 2008.
  http://eprint.iacr.org/2006/307
  
  
• A. Petzoldt, S. Bulygin, and J. Buchmann:
  Selecting parameters for the Rainbow signature scheme,
  Proceedings of the Third International Workshop on Post-Quantum Cryptography (PQCrypto 2010),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.6061, pp.218-240,
  May 25-28, 2010, Darmstadt, Germany.
  
  
• 五太子政史:
  多変数公開鍵暗号による署名方式 Rainbow の改良,
  電子情報通信学会技術研究報告, Vol.110, No.113, ISEC2010-24, pp.113-117, 2010年7月1日〜7月2日, 弘前大学, 青森.
  
  
• A. Petzoldt, S. Bulygin, and J. Buchmann:
  CyclicRainbow -- A multivariate signature scheme with a partially cyclic public key,
  Proceedings of the 11th International Conference on Cryptology in India (INDOCRYPT 2010),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.6498, pp.33-48,
  December 12-15, 2010, Hyderabad, India.
  
  
• 安田貴徳, 櫻井幸一, 高木剛:
  Rainbow 型電子署名の鍵長削減に関する一考察,
  電子情報通信学会技術研究報告, Vol.111, No.34, ISEC2011-2, pp.9-6, 2011年5月13日, 機械振興会館, 東京.
  
  

Attacks, Security Analysis

• O. Billet and H. Gilbert:
  Cryptanalysis of Rainbow,
  Proceedings of the 5th International Conference on Security and Cryptography for Networks (SCN 2006),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.4116, pp.336-347,
  September 6-8, 2006, Maiori, Italy.
  
  
• J. Ding, B.-Y. Yang, C.-H. Owen Chen, M.-S. Chen, and C.-M. Cheng:
  New differential-algebraic attacks and reparametrization of Rainbow,
  Proceedings of the 6th International Conference on Applied Cryptography and Network Security (ACNS 2008),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.5037, pp.242-257,
  June 3-6, 2008, New York, NY, USA.
  
  
• T. Yasuda and K. Sakurai:
  A security analysis of uniformly-layered Rainbow
  -- Revisiting Sato-Araki's non-commutative approach to Ong-Schnorr-Shamir signature towards PostQuantum paradigm,
  Proceedings of the 4th International Workshop on Post-Quantum Cryptography (PQCrypto 2011),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.7071, pp.275-294,
  November 29 - December 2, Taipei, Taiwan.
  
  

IP (Isomorphisms of Polynomials)

• J. Patarin, L. Goubin, and N. Courtois:
  Improved algorithms for isomorphisms of polynomials,
  Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques (EUROCRYPT '98),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.1403, pp.184-200,
  May 31 - June 4, 1998, Espoo, Finland.
  
  
• W. Geiselmann, W. Meier, and R. Steinwandt:
  An attack on the isomorphisms of polynomials problem with one secret,
  International Journal of Information Security, Vol.2, No.1, pp.59-64, November 2003.
  
  
• F. Levy-dit-Vehel and L. Perret:
  Polynomial equivalence problems and applications to multivariate cryptosystems,
  Proceedings of the 4th International Conference on Cryptology in India (INDOCRYPT 2003),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.2904, pp.235-251,
  December 8-10, 2003, New Delhi, India.
  
  
• L. Perret:
  A fast cryptanalysis of the Isomorphism of Polynomials with one secret problem,
  Proceedings of the 24th Annual International Conference on the Theory and Applications of Cryptographic Techniques (EUROCRYPT 2005),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.3494, pp.354-370,
  May 22-26, 2005, Aarhus, Denmark.
  
  
• J.-C. Faugère and L. Perret:
  Polynomial equivalence problems: Algorithmic and theoretical aspects,
  Proceedings of the 25th Annual International Conference on the Theory and Applications of Cryptographic Techniques (EUROCRYPT 2006),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.4004, pp.30-47,
  May 28 - June 1, 2006, St. Petersburg, Russia.
  
  
• C. Bouillaguet, J.-C. Faugère, P.-A. Fouque, and L. Perret:
  Practical cryptanalysis of the identification scheme based on the Isomorphism of Polynomial with one secret problem,
  Proceedings of the 14th International Conference on Practice and Theory in Public Key Cryptography (PKC 2011),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.6571, pp.473-493,
  March 6-9, 2011, Taormina, Italy.
  
  

Authentication Schemes

• N. T. Courtois:
  Efficient zero-knowledge authentication based on a linear algebra problem MinRank,
  Proceedings of the 7th International Conference on the Theory and Application of Cryptology and Information Security (ASIACRYPT 2001),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.2248, pp.402-421,
  December 9-13, 2001, Gold Coast, Australia.
  
  
• J.-C. Faugère, F. Levy-dit-Vehel, and L. Perret:
  Cryptanalysis of MinRank,
  Proceedings of the 28th Annual International Cryptology Conference (CRYPTO 2008),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.5157, pp.280-296,
  August 17-21, 2008, Santa Barbara, CA, USA.
  
  

Piece in Hand Method

Proposals

• S. Tsujii:
  A new structure of primitive public key cryptosystem based on soldiers in hand matrix,
  Technical Report TRISE 02-03, Chuo University, July 2003.
  
  
• S. Tsujii, R. Fujita, and K. Tadaki:
  Proposal of MOCHIGOMA (Piece in Hand) concept for multivariate type public key cryptosystem,
  電子情報通信学会技術研究報告, Vol.104, No.315, ISEC2004-74, pp.47-54, 2004年9月17日, 機械振興会館, 東京.
  
  
• S. Tsujii, K. Tadaki, and R. Fujita:
  Piece in hand concept for enhancing the security of multivariate type public key cryptosystems:
  Public key without containing all the information of secret key,
  Cryptology ePrint Archive, Report 2004/366, December 2004.
  http://eprint.iacr.org/2004/366
  
  
• S. Tsujii, K. Tadaki, and R. Fujita:
  Piece in hand concept for enhancing the security of multivariate type public key cryptosystems: Public key without containing all the information of secret key,
  2005年暗号と情報セキュリティシンポジウム (SCIS2005) 講演予稿, 2E1-3, pp.487-492, 2005年1月25日〜1月28日, シーサイドホテル舞子ビラ神戸, 兵庫.
  
  
• 辻井重男, 只木孝太郎, 藤田亮:
  持駒行列の提案 その 2 ―多変数多項式型公開鍵暗号の安全性強化のための汎用的手法―,
  2006年暗号と情報セキュリティシンポジウム (SCIS2006) 講演予稿, 2A4-1, 2006年1月17日〜1月20日, 広島プリンスホテル, 広島.
  
  
• S. Tsujii, K. Tadaki, and R. Fujita:
  Proposal for piece in hand matrix ver.2: General concept for enhancing security of multivariate public key cryptosystems,
  Workshop Record of the International Workshop on Post-Quantum Cryptography (PQCrypto 2006), pp.103-117,
  May 23-26, 2006, Leuven, Belgium.
  
  
• S. Tsujii, K. Tadaki, and R. Fujita:
  Proposal for piece in hand matrix: General concept for enhancing security of multivariate public key cryptosystems,
  IEICE Trans. Fundamentals, Vol.E90-A, No.5, pp.992-999, May 2007.
  
  
• 辻井重男, 只木孝太郎, 藤田亮:
  多様な多変数公開鍵暗号を汎用的に強化する非線形持駒行列の構成法,
  電子情報通信学会技術研究報告, Vol.107, No.141, ISEC2007-56, pp.75-80, 2007年7月19日〜7月20日, 公立はこだて未来大学, 函館, 北海道.
  
  
• S. Tsujii, K. Tadaki, and R. Fujita:
  Nonlinear piece in hand matrix method for enhancing security of multivariate public key cryptosystems,
  Proceedings of the First International Conference on Symbolic Computation and Cryptography (SCC 2008), pp.124-144, April 28-30, 2008, Beijing, China.
  
  
• 辻井重男, 金子敏信, 只木孝太郎, 五太子政史:
  多変数公開鍵暗号の設計指針 ―持駒概念を中心にして―,
  電子情報通信学会技術研究報告, Vol.108, No.161, ISEC2008-18, SITE2008-12, pp.15-22, 2008年7月24日〜7月25日, 福岡システムLSI総合開発センター.
  
  
• R. Fujita, K. Tadaki, and S. Tsujii:
  Nonlinear piece in hand perturbation vector method for enhancing security of multivariate public key cryptosystems,
  Proceedings of the Second International Workshop on Post-Quantum Cryptography (PQCrypto 2008),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.5299, pp.148-164,
  October 17-19, 2008, Cincinnati, OH, USA.
  
  
• 辻井重男, 只木孝太郎, 藤田亮, 五太子政史, 金子敏信:
  多変数公開鍵暗号の 2 層式非線形持駒方式による安全性向上,
  2009年暗号と情報セキュリティシンポジウム (SCIS2009) 講演予稿, 2C4-2, 2009年1月20日〜1月23日, 大津プリンスホテル, 滋賀.
  
  
• 辻井重男, 只木孝太郎, 五太子政史, 藤田亮, 笠原正雄:
  統合型多変数公開鍵暗号 PPS 方式の提案 ― PMI方式及び 2 層式持駒方式によって強化されたSTS方式 ―,
  電子情報通信学会技術研究報告, Vol.109, No.113, ISEC2009-27, SITE2009-19, ICSS2009-41, pp.139-146, 2009年7月2日〜7月3日, 秋田大学.
  
  
• S. Tsujii, K. Tadaki, R. Fujita, M. Gotaishi, and T. Kaneko:
  Security enhancement of various MPKCs by 2-layer nonlinear piece in hand method,
  IEICE Trans. Fundamentals, Vol.E92-A, No.10, pp.2438-2446, October 2009.
  
  
• K. Tadaki and S. Tsujii:
  Key-generation algorithms for Piece In Hand matrix methods,
  第32回情報理論とその応用シンポジウム (SITA2009) 予稿集, W25-3, pp.156-161, 2009年12月1日〜12月4日, ホテルかめ福, 湯田温泉, 山口.
  
  
• K. Tadaki and S. Tsujii:
  On the specification of linear piece in hand matrix method,
  2010年暗号と情報セキュリティシンポジウム (SCIS2010) 講演予稿, 3A2-4, 2010年1月19日〜1月22日, 高松, 香川.
  
  
• K. Tadaki and S. Tsujii:
  Key-generation algorithms for linear piece in hand matrix method,
  IEICE Trans. Fundamentals, Vol.E93-A, No.6, pp.1102-1110, June 2010.
  
  
• K. Tadaki and S. Tsujii:
  Two-sided multiplications are reduced to one-sided multiplication in Linear Piece In Hand Matrix Methods,
  Proceedings of 2010 International Symposium on Information Theory and its Applications (ISITA2010), pp.900-904, October 17-20, 2010, Taichung, Taiwan.
  
  
• K. Tadaki and S. Tsujii:
  Clarifying the specification of Linear Piece In Hand Matrix Method,
  Proceedings of 2010 International Symposium on Information Theory and its Applications (ISITA2010), pp.905-910, October 17-20, 2010, Taichung, Taiwan.
  
  

Attacks, Security Analysis

• 伊藤大介, 福島啓友, 金子敏信:
  順序解法を原方式に持つ線形持駒方式の安全性に関する一考察,
  電子情報通信学会技術研究報告, Vol.106, No.175, ISEC2006-30, SITE2006-27, pp.155-159, 2006年7月20日〜7月21日, 岡山大学, 岡山.
  
  
• K. Tadaki and S. Tsujii:
  On the enhancement of security by piece in hand matrix method for multivariate public key cryptosystems,
  2007年暗号と情報セキュリティシンポジウム (SCIS2007) 講演予稿, 2C1-3, 2007年1月23日〜1月26日, ハウステンボス・ユトレヒト, 長崎.
  
  
• 金子敏信, 五十嵐保隆, 伊藤大介, 早川潔:
  線形持駒方式の安全性に対する一考察 〜 SCIS'07版 〜,
  電子情報通信学会技術研究報告, Vol.108, No.161, ISEC2008-17, SITE2008-11, pp.9-14, 2008年7月24日〜7月25日, 福岡システムLSI総合開発センター.
  
  

K series

• M. Kasahara:
  A new principle for construction of public-key cryptosystems and the several new classes of public-key cryptosystems,
  2005年暗号と情報セキュリティシンポジウム (SCIS2005) 講演予稿, 2E1-5, 2005年1月25日〜1月28日, シーサイドホテル舞子ビラ神戸, 兵庫.
  
  
• M. Kasahara:
  Construction of new classes of SE($g$)PKC -- Along with some notes on $K$-matrix $\cdot$ PKC --,
  電子情報通信学会技術研究報告, Vol.106, No.51, ISEC2006-4, pp.23-28, 2006年5月19日, 機械振興会館, 東京.
  
  
• M. Kasahara:
  Constructions of K$_HLN$ $\cdot$ SE(g)PKC on the basis of K-construction with Hidden Location Noise (HLN),
  電子情報通信学会技術研究報告, Vol.106, No.235, ISEC2006-83, pp.85-90, 2006年9月13日, 機械振興会館, 東京.
  
  
• M. Kasahara:
  A new class of public key cryptosystem constructed on the basis of multivariate polynomials randomly generated,
  電子情報通信学会技術研究報告, Vol.107, No.209, ISEC2007-81, pp.57-63, 2007年9月7日, 機械振興会館, 東京.
  
  
• M. Kasahara:
  New classes of public key cryptosystem constructed on the basis of multivariate polynomials,
  第30回情報理論とその応用シンポジウム (SITA2007) 予稿集, 2007年11月27日〜11月30日, 賢島宝生苑, 三重.
  
  
• M. Kasahara:
  New classes of public key cryptosystem constructed on the basis of multivariate polynomials and random coding,
  電子情報通信学会技術研究報告, Vol.107, No.397, ISEC2007-118, pp.41-48, 2007年12月19日, 機械振興会館, 東京.
  
  
• M. Kasahara:
  New classes of public key cryptosystem constructed on the basis of multivariate polynomials and random coding -- Another class of K(III)RSE(g)PKC,
  電子情報通信学会技術研究報告, Vol.107, No.501, IT2007-57, ISEC2007-154, WBS2007-88, pp.57-64, 2008年2月28日〜2月29日, 電気通信大学, 東京.
  
  
• M. Kasahara:
  New classes of public key cryptosystem constructed on the basis of multivariate polynomials and error control coding,
  電子情報通信学会技術研究報告, Vol.108, No.38, ISEC2008-13, pp.85-90, 2008年5月16日, 機械振興会館, 東京.
  
  
• M. Kasahara:
  New classes of public key cryptosystems constructed on the basis of low-density multivariate polynomials ―Along with K(I) knapsack scheme ―,
  電子情報通信学会技術研究報告, Vol.108, No.207, ISEC2008-63, pp.1-7, 2008年9月12日, 機械振興会館, 東京.
  
  
• M. Kasahara:
  Multivariate public-key cryptosystems constructed based on source and channel joint coding,
  第31回情報理論とその応用シンポジウム (SITA2008) 予稿集, 3.2.1, pp.257-262, 2008年10月7日〜10月10日, あさやホテル 鬼怒川温泉.
  
  
• M. Kasahara:
  Multivariate public-key cryptosystems constructed based on K(I)・SE(1)Scheme and applications of MPKC on common key cryptosystem,
  電子情報通信学会技術研究報告, Vol.108, No.284, ISEC2008-79, OIS2008-55, pp.41-46, 2008年11月13日〜11月14日, 名古屋能楽堂会議室.
  
  
• M. Kasahara:
  Multivariate public-key cryptosystems constructed based on K(II)SE(1)Scheme,
  2009年暗号と情報セキュリティシンポジウム (SCIS2009) 講演予稿, 2C4-1, 2009年1月20日〜1月23日, 大津プリンスホテル, 滋賀.
  
  
• M. Kasahara:
  Construction of new class of linear multivariate public key cryptosystem ― Along with a note on the number 999990 and its application ― ,
  電子情報通信学会技術研究報告, Vol.109, No.207, ISEC2009-44, pp.29-33, 2009年9月25日, 機械振興会館, 東京.
  
  
• M. Kasahara:
  A construction of a new class of non-linear product-sum-type public-key cryptosystem,
  電子情報通信学会技術研究報告, Vol.109, No.271, ISEC2009-54, LOIS2009-43, pp.23-27, 2009年11月12日〜11月13日, 岐阜大学.
  
  
• M. Kasahara:
  New classes of public key cryptosystems constructed based on error-correcting codes and probabilistic structure,
  電子情報通信学会技術研究報告, Vol.109, No.445, IT2009-126, ISEC2009-134, WBS2009-105, pp.353-360, 2010年3月4日〜3月5日, 信州大学長野（工学）キャンパス.
  
  
• M. Kasahara:
  A construction of new class of linear multivariate public key cryptosystem constructed based on error correcting codes,
  電子情報通信学会技術研究報告, Vol.109, No.445, IT2009-127, ISEC2009-135, WBS2009-106, pp.361-366, 2010年3月4日〜3月5日, 信州大学長野（工学）キャンパス.
  
  
• M. Kasahara:
  New class of public key cryptosystems constructed based on error-correcting codes, using K(�V) scheme
  ― Appendix: Proposal of K(IX)SE(g)PKC ― ,
  電子情報通信学会技術研究報告, Vol.110, No.44, ISEC2010-7, pp.41-48, 2010年5月21日, 機械振興会館, 東京.
  
  
• 笠原正雄:
  擬巡回符号に基づく公開鍵暗号 K(XI)SE(2)PKC ― K(VII)SE(1)PKCの修正とその発展形式 ―,
  電子情報通信学会技術研究報告, Vol.110, No.443, IT2010-125, ISEC2010-129, WBS2010-104, pp.377-382, 2011年3月3日〜3月4日, 大阪大学, 大阪.
  
  

Key Space

• C. Wolf and B. Preneel:
  Large superfluous keys in Multivariate Quadratic asymmetric systems,
  Proceedings of the 8th International Workshop on Theory and Practice in Public Key Cryptography (PKC 2005),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.3386, pp.275-287,
  January 23-26, 2005, Les Diablerets, Switzerland.
  
  
• C. Wolf and B. Preneel:
  Equivalent keys in HFE, C$^*$, and variations,
  Proceedings of the First International Conference on Cryptology in Malaysia (Mycrypt 2005),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.3715, pp.33-49,
  September 28-30, 2005, Kuala Lumpur, Malaysia.
  
  
• Y.-H. Hu, L.-C. Wang, C.-Y. Chou, and F. Lai:
  Similar keys of multivariate quadratic public key cryptosystems,
  Proceedings of the 4th International Conference on Cryptology and Network Security (CANS 2005),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.3810, pp.211-222,
  December 14-16, 2005, Xiamen, China.
  
  

Paraunitary Matrices

• F. Delgosha and F. Fekri:
  Public-key cryptography using paraunitary matrices,
  IEEE Transactions on Signal Processing, Vol.54, No.9, pp.3489-3504, September 2006.
  
  
• F. Delgosha and F. Fekri:
  Multivariate signature using algebraic techniques,
  Proceedings of the 2006 IEEE International Symposium on Information Theory (ISIT 2006), pp.917-921,
  July 9-14, 2006, Seattle, Washington, USA.
  
  

QUAD

Proposals

• C. Berbain, H. Gilbert, and J. Patarin:
  QUAD: A practical stream cipher with provable security,
  Proceedings of the 25th Annual International Conference on the Theory and Applications of Cryptographic Techniques (EUROCRYPT 2006),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.4004, pp.109-128,
  May 28 - June 1, 2006, St. Petersburg, Russia.
  
  

Security Analysis

• B.-Y. Yang, O. C.-H. Chen, D. J. Bernstein, and J.-M. Chen:
  Analysis of QUAD,
  Revised Selected Papers from the 14th International Workshop on Fast Software Encryption (FSE 2007),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.4593, pp.290-308,
  March 26-28, 2007, Luxembourg, Luxembourg.
  
  

Hash Functions

Proposals

• J. Ding and B.-Y. Yang:
  Multivariates polynomials for hashing,
  Revised Selected Papers from the Third SKLOIS Conference on Information Security and Cryptology (Inscrypt 2007),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.4990, pp.358-371,
  August 31 - September 5, 2007, Xining, China.
  
  

Security Analysis

• L. Bettale, J.-C. Faugère, and L. Perret:
  Security analysis of multivariate polynomials for hashing,
  Revised Selected Papers from the 4th China International Conference on Information Security and Cryptology (Inscrypt 2008),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.5487, pp.115-124,
  December 14-17, 2008, Beijing, China.
  
  

Multivariate Quadratic Quasigroups (MQQ)

Proposals

• D. Gligoroski, S. Markovski, and S. J. Knapskog:
  Multivariate quadratic trapdoor functions based on multivariate quadratic quasigroups,
  Proceedings of the American Conference on Applied Mathematics (MATH'08), pp.358-371.
  
  
• D. Gligoroski, S. Markovski, and S. J. Knapskog:
  Public key block cipher based on multivariate quadratic quasigroups,
  Cryptology ePrint Archive, Report 2008/320, August 2008.
  http://eprint.iacr.org/2008/320
  
  
• D. Gligoroski, R. S. Ødegård, R. E. Jensen, L. Perret, and J.-C. Faugère, S. J. Knapskog, and S. Markovski:
  The digital signature scheme MQQ-SIG,
  Cryptology ePrint Archive, Report 2010/527, December 2010.
  http://eprint.iacr.org/2010/527
  
  

Attacks, Security Analysis

• M. S. E. Mohamed, J. Ding, and J. Buchmann:
  Algebraic cryptanalysis of MQQ public key cryptosystem by MutantXL,
  Cryptology ePrint Archive, Report 2008/451, October 2008.
  http://eprint.iacr.org/2008/451
  
  
• M. S. E. Mohamed, J. Ding, J. Buchmann, and F. Werner:
  Algebraic attack on the MQQ public key cryptosystem,
  Proceedings of the 8th International Conference on Cryptology and Network Security (CANS 2009),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.5888, pp.392-401,
  December 12-14, 2009, Kanazawa, Japan.
  
  
• J.-C. Faugère, R. S. Ødegård, L. Perret, and D. Gligoroski:
  Analysis of the MQQ public key cryptosystem,
  Proceedings of the 9th International Conference on Cryptology and Network Security (CANS 2010),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.6467, pp.169-183,
  December 12-14, 2010, Kuala Lumpur, Malaysia.
  
  

MPKCs over Non-commutative Rings

• 安田貴徳, 櫻井幸一:
  非可換環上の多変数多項式署名方式に対する安全性評価の再考,
  電子情報通信学会技術研究報告, Vol.111, No.34, ISEC2011-1, pp.1-7, 2011年5月13日, 機械振興会館, 東京.
  
  
• 安田貴徳, 櫻井幸一, 高木剛:
  非可換環の多変数多項式公開鍵暗号への応用,
  日本応用数理学会 2011年度年会予稿集, 16a-C2-3, 2011年9月14日〜9月16日, 同志社大学今出川キャンパス, 京都.
  
  

Group Signature Schemes

• G. Yang, S. Tang, and L. Yang:
  A novel group signature scheme based on MPKC,
  Proceedings of the 7th International Conference on Information Security Practice and Experience (ISPEC 2011),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.6672, pp.181-195,
  May 30 - June 1, 2011, Guangzhou, China.
  
  

Identification Schemes

• C. Wolf and B. Preneel:
  MQ^*-IP: An identity-based identification scheme without number-theoretic assumptions,
  Cryptology ePrint Archive, Report 2010/087, February 2010.
  http://eprint.iacr.org/2010/087
  
  
• K. Sakumoto, T. Shirai, and H. Hiwatari:
  Public-key identification schemes based on multivariate quadratic polynomials,
  Proceedings of the 31st International Cryptology Conference (CRYPTO 2011),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.6841, pp.706-723,
  August 14-18, 2011, Santa Barbara, CA, USA.
  
  

Ring Signature Schemes

• S. Wang, R. Ma, Y. Zhang, and X. Wang:
  Ring signature scheme based on multivariate public key cryptosystems,
  Computers & Mathematics with Applications, Vol.62, No.10, pp.3973-3979, Novenber 2011.
  
  

Provable Security

• K. Sakumoto, T. Shirai, and H. Hiwatari:
  On provable security of UOV and HFE signature schemes against chosen-message attack,
  Proceedings of the 4th International Workshop on Post-Quantum Cryptography (PQCrypto 2011),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.7071, pp.68-82,
  November 29 - December 2, Taipei, Taiwan.
  
  

Solving Systems of Equations

Gröbner Basis

• 只木孝太郎:
  多変数公開鍵暗号とグレブナ基底計算,
  日本応用数理学会 「数論アルゴリズムとその応用」研究部会 (JANT) オーガナイズドセッション
  「多変数公開鍵暗号について ― 基礎から最近の話題まで ―」,
  日本応用数理学会2008年度年会予稿集, 2008年9月17日.
  
  
• 只木孝太郎:
  多変数公開鍵暗号とグレブナ基底,
  シンポジウム 数学的土壌の上に花開く暗号技術― 楕円曲線と暗号理論 ―, 2008年9月29日, 中央大学駿河台記念館.
  
  
• 藤田亮:
  Magma のグレブナ基底計算を利用した暗号解析 ― 多変数公開鍵暗号に対する代数攻撃 ―,
  研究集会「Magmaで広がる数学の世界」, 2010年10月9日〜10月10日, 九州大学大学院数理学研究院, 福岡.
  
  

XL (eXtended Linearlization)

• N. Courtois, A. Klimov, J. Patarin, and A. Shamir:
  Efficient algorithms for solving overdefined systems of multivariate polynomial equations,
  Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques (EUROCRYPT 2000),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.1807, pp.392-407,
  May 14-18, 2000, Bruges, Belgium.
  
  
• N. Courtois and J. Patarin:
  About the XL algorithm over GF(2),
  Proceedings of the Cryptographers' Track at the RSA Conference 2003 (CT-RSA 2003),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.2612, pp.141-157,
  April 13-17, 2003, San Francisco, CA, USA.
  
  
• B.-Y. Yang and J.-M. Chen:
  Theoretical analysis of XL over small fields,
  Proceedings of the 9th Australasian Conference on Information Security and Privacy (ACISP 2004),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.3108, pp.277-288,
  July 13-15, 2004, Sydney, Australia.
  
  
• B.-Y. Yang, J.-M. Chen, and N. T. Courtois:
  On asymptotic security estimates in XL and Gröbner bases-related algebraic cryptanalysis,
  Proceedings of the 6th International Conference on Information and Communications Security (ICICS 2004),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.3269, pp.401-413,
  October 27-29, 2004, Malaga, Spain.
  
  
• B.-Y. Yang and J.-M. Chen:
  All in the XL family: Theory and practice,
  Revised Selected Papers from the 7th International Conference on Information Security and Cryptology (ICISC 2004),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.3506, pp.67-86,
  December 2-3, 2004, Seoul, Korea.
  
  
• C. Diem:
  The XL-algorithm and a conjecture from commutative algebra,
  Proceedings of the 10th International Conference on the Theory and Application of Cryptology and Information Security (ASIACRYPT 2004),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.3329, pp.323-337,
  December 5-9, 2004, Jeju Island, Korea.
  
  
• G. Ars, J.-C. Faugère, H. Imai, M. Kawazoe, and M. Sugita:
  Comparison between XL and Gröbner basis algorithms,
  Proceedings of the 10th International Conference on the Theory and Application of Cryptology and Information Security (ASIACRYPT 2004),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.3329, pp.338-353,
  December 5-9, 2004, Jeju Island, Korea.
  
  
• C.-H. Owen Chen, B.-Y. Yang, and J.-M. Chen:
  The limit of XL implemented with sparse matrices,
  Workshop Record of the International Workshop on Post-Quantum Cryptography (PQCrypto 2006), pp.215-225,
  May 23-26, 2006, Leuven, Belgium.
  
  
• 五太子政史, 辻井重男:
  有限体上の多変数連立二次方程式に関する新しい求解法の提案,
  2008年暗号と情報セキュリティシンポジウム (SCIS2008) 講演予稿, 3B1-3, 2008年1月22日〜1月25日, フェニックス・シーガイア・リゾート, 宮崎.
  
  
• S. Murphy and M. B. Paterson:
  A geometric view of cryptographic equation solving,
  Journal of Mathematical Cryptology, Vol.2, No.1, pp.63-107, April 2008.
  
  
• M. S. E. Mohamed, W. S. A. E. Mohamed, J. Ding, and J. Buchmann:
  MXL2: Solving polynomial equations over GF(2) using an improved mutant strategy,
  Proceedings of the Second International Workshop on Post-Quantum Cryptography (PQCrypto 2008),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.5299, pp.203-215,
  October 17-19, 2008, Cincinnati, OH, USA.
  
  
• M. Gotaishi and S. Tsujii:
  HXL ― a variant of XL algorithm computing Gröbner bases,
  Proceedings of Inscrypt 2008 Special Track on Symbolic Computation and Cryptology, pp.2-21, December 14, 2008, Beijing, China.
  
  
• J. Buchmann, D. Cabarcas, J. Ding, and M. S. E. Mohamed:
  Flexible partial enlargement to accelerate Gröbner basis computation over F_2,
  Proceedings of the Third International Conference on Cryptology in Africa (AFRICACRYPT 2010),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.6055, pp.69-81,
  May 3-6, 2010, Stellenbosch, South Africa.
  
  
• M. S. E. Mohamed, D. Cabarcas, J. Ding, J. Buchmann, and S. Bulygin:
  MXL3: An efficient algorithm for computing Gröbner bases of zero-dimensional ideals,
  Revised Selected Papers from the 12th International Conference on Information Security and Cryptology (ICISC 2009),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.5984, pp.87-100,
  December 2-4, 2009, Seoul, Korea.
  
  
• S. Murphy and M. B. Paterson:
  Geometric ideas for cryptographic equation solving in even characteristic,
  Proceedings of the 12th IMA International Conference on Cryptography and Coding,
  Lecture Notes in Computer Science, Springer-Verlag, Vol.5921, pp.201-221,
  December 15-17, 2009, Cirencester, UK.
  
  
• E. Thomae and C. Wolf:
  Solving systems of multivariate quadratic equations over finite fields or: from relinearization to MutantXL,
  Cryptology ePrint Archive, Report 2010/596, November 2011.
  http://eprint.iacr.org/2010/596
  
  
• C. Wolf and E. Thomae:
  Small linearization: Memory friendly solving of non-linear equations over finite fields,
  Cryptology ePrint Archive, Report 2011/669, December 2011.
  http://eprint.iacr.org/2011/669
  
  

Others

• N. Courtois, L. Goubin, W. Meier, and J.D. Tacier:
  Solving underdefined systems of multivariate quadratic equations,
  Proceedings of the 5th International Workshop on Practice and Theory in Public Key Cryptosystems (PKC 2002),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.2274, pp.211-227,
  February 12-14, 2002, Paris, France.
  
  
• X. Tang and Y. Feng:
  A new efficient algorithm for solving systems of multivariate polynomial equations,
  Cryptology ePrint Archive, Report 2005/312, September 2005.
  http://eprint.iacr.org/2005/312
  
  
• T. Harayama:
  On the weil sum evaluation of central polynomial in multivariate quadratic cryptosystem,
  Cryptology ePrint Archive, Report 2006/075, February 2006.
  http://eprint.iacr.org/2006/075
  
  
• J. Ding, J. E. Gower, and D. Schmidt:
  Zhuang-Zi: A new algorithm for solving multivariate polynomial equations over a finite field,
  Workshop Record of the International Workshop on Post-Quantum Cryptography (PQCrypto 2006), pp.227-240,
  May 23-26, 2006, Leuven, Belgium.
  
  
• T. Harayama and D. K. Friesen:
  Weil sum for birthday attack in multivariate quadratic cryptosystem,
  Journal of Mathematical Cryptology, Vol.1, No.1, pp.79-104, January 2007.
  
  
• J. Ding and D. S. Schmidt:
  Mutant Zhuang-Zi algorithm,
  Proceedings of the Third International Workshop on Post-Quantum Cryptography (PQCrypto 2010),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.6061, pp.28-40,
  May 25-28, 2010, Darmstadt, Germany.
  
  
• Y. Hashimoto:
  Algorithms to solve massively under-defined systems of multivariate quadratic equations,
  IEICE Trans. Fundamentals, Vol.E94-A, No.6, pp.1257-1262, June 2011.
  
  

Implementations

• C. Wolf:
  Implementing QuartzLight in Java,
  September 2002.
  http://www.christopher-wolf.de/ql/
  
  
• C. Wolf:
  Implementing Hidden Field Equations (HFE) in Java,
  October 2002.
  http://www.christopher-wolf.de/hfe/
  
  
• M.-L. Akkar, N. Courtois, R. Duteuil, and L. Goubin:
  A fast and secure implementation of Sflash,
  Proceedings of the 6th International Workshop on Practice and Theory in Public Key Cryptosystems (PKC 2003),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.2567, pp.267-278,
  January 6-8, 2003, Miami, FL, USA.
  
  
• C. Wolf:
  Efficient public key generation for multivariate cryptosystems,
  Cryptology ePrint Archive, Report 2003/089, August 2005.
  http://eprint.iacr.org/2003/089
  
  
• Y.-H. Chen:
  An implementation of PMI+ on low-cost SmartCard,
  Master's Thesis, National Taiwan University, 2005.
  
  
• C. Berbain, O. Billet, and H. Gilbert:
  Efficient implementations of multivariate quadratic systems,
  Revised Selected Papers from the 13th International Workshop on Selected Areas in Cryptography (SAC 2006),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.4356, pp.174-187,
  August 17-18, 2006, Montreal, Canada.
  
  
• A. Bogdanov, T. Eisenbarth, A. Rupp, and C. Wolf:
  Time-area optimized public-key engines: MQ-cryptosystems as replacement for elliptic curves?
  Proceedings of the 10th International Workshop on Cryptographic Hardware and Embedded Systems (CHES 2008),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.5154, pp.45-61,
  August 10-13, 2008, Washington, D.C., USA.
  
  
• A. I.-T. Chen, C.-H. Owen Chen, M.-S. Chen, C.-M. Cheng, and B.-Y. Yang:
  Practical-sized instances of multivariate PKCs: Rainbow, TTS, and $\ell$IC-derivatives
  Proceedings of the Second International Workshop on Post-Quantum Cryptography (PQCrypto 2008),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.5299, pp.95-108,
  October 17-19, 2008, Cincinnati, OH, USA.
  
  
• M. El-Hadedy, D. Gligoroski, and S. J. Knapskog:
  High performance implementation of a public key block cipher -- MQQ, for FPGA platforms,
  Proceedings of the 2008 International Conference on Reconfigurable Computing and FPGAs (ReConFig 2008), pp.427-432,
  December 3-5, 2008, Cancun, Mexico.
  
  
• A. I.-T. Chen, M.-S. Chen, T.-R. Chen, C.-M. Cheng, J. Ding, E. L.-H. Kuo, F. Y.-S. Lee, and B.-Y. Yang:
  SSE implementation of multivariate PKCs on modern x86 CPUs,
  Proceedings of the 11th International Workshop on Cryptographic Hardware and Embedded Systems (CHES 2009),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.5747, pp.33-48,
  September 6-9, 2009, Lausanne, Switzerland.
  
  
• R. José, M. Maia, P. S. L. M. Barreto, and B. T. de Oliveira:
  Implementation of multivariate quadratic quasigroup for wireless sensor network,
  Special Issue on Security in Computing, Part II, Transactions on Computational Science XI,
  Lecture Notes in Computer Science, Springer-Verlag, Vol.6480, pp.64-78, 2010.
  
  
• P. K. Singaravelu and S. Verma:
  Efficacy of multivariate cryptosystems for DWSN,
  Proceedings of the 2nd International Conference on Wireless Communications, Vehicular Technology, Information Theory and Aerospace & Electronic Systems Technology (Wireless VITAE 2011),
  February 28 - March 3, 2011, Chennai, India.
  
  
• 田中哲士, 櫻井幸一:
  多変数多項式暗号の GPU による高速実装と評価,
  電子情報通信学会技術研究報告, Vol.111, No.34, ISEC2011-3, pp.17-22, 2011年5月13日, 機械振興会館, 東京.
  
  
• A. Petzoldt, E. Thomae, S. Bulygin, and C. Wolf:
  Small public keys and fast verification for multivariate quadratic public key systems,
  Proceedings of the 13th International Workshop on Cryptographic Hardware and Embedded Systems (CHES 2011),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.6917, pp.475-490,
  September 28 - October 1, 2011, Nara, Japan.
  
  
• S. Tanaka, T. Nishide, and K. Sakurai:
  Fast implementation and experimentation of multivariate cryptosystems on GPU,
  Proceedings of the 6th Joint Workshop on Information Security (JWIS 2011),
  October 5-6, 2011, Kaohsiung, Taiwan.
  
  
• 田中哲士, 西出隆志, 櫻井幸一:
  多変数暗号における GPU を用いた高速実装手法の評価,
  コンピュータセキュリティシンポジウム 2011 (CSS2011) 論文集, pp.588-593,
  2011年10月19日〜10月21日, 朱鷺メッセ：新潟コンベンションセンター, 新潟.
  
  
• S. Tang, H. Yi, J. Ding, H. Chen, and G. Chen:
  High-speed hardware implementation of Rainbow signature on FPGAs,
  Proceedings of the 4th International Workshop on Post-Quantum Cryptography (PQCrypto 2011),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.7071, pp.228-243,
  November 29 - December 2, Taipei, Taiwan.
  
  

Side Channel Attacks

• K. Okeya, T. Takagi, and C. Vuillaume:
  On the importance of protecting $\Delta$ in SFLASH against side channel attacks,
  IEICE Trans. Fundamentals, Vol.E88-A, No.1, pp.123-131, January 2005.
  
  
• Y. Hashimoto, T. Takagi, and K. Sakurai:
  General fault attacks on multivariate public key cryptosystems,
  Proceedings of the 4th International Workshop on Post-Quantum Cryptography (PQCrypto 2011),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.7071, pp.1-18,
  November 29 - December 2, Taipei, Taiwan.
  
  

Algebraic Surface Cryptosystem (ASC)

Proposals

• K. Akiyama and Y. Goto:
  An algebraic surface public-key cryptosystem,
  電子情報通信学会技術研究報告, Vol.104, No.421, ISEC2004-80, OIS2004-47, pp.13-20, 2004年11月8日〜11月9日, 大阪大学吹田キャンパス, 大阪.
  
  
• K. Akiyama and Y. Goto:
  A public-key cryptosystem using algebraic surfaces,
  Workshop Record of the International Workshop on Post-Quantum Cryptography (PQCrypto 2006), pp.119-138,
  May 23-26, 2006, Leuven, Belgium.
  
  
• K. Akiyama and Y. Goto:
  An improvement of the algebraic surface public-key cryptosystem,
  2008年暗号と情報セキュリティシンポジウム (SCIS2008) 講演予稿, 1F1-2, 2008年1月22日〜1月25日, フェニックス・シーガイア・リゾート, 宮崎.
  
  
• K. Akiyama, Y. Goto, and H. Miyake:
  An Algebraic Surface Cryptosystem,
  Proceedings of the 12th International Conference on Practice and Theory in Public Key Cryptography (PKC 2009),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.5443, pp.425-442,
  March 18-20, 2009, Irvine, CA, USA.
  
  
• Y. Komano, K. Akiyama, Y. Hanatani, and H. Miyake:
  ASS-CC: Provably secure algebraic surface signature scheme,
  2010年暗号と情報セキュリティシンポジウム (SCIS2010) 講演予稿, 4A2-4, 2010年1月19日〜1月22日, 高松, 香川.
  
  
• 駒野雄一, 秋山浩一郎, 花谷嘉一, 三宅秀享, 後藤泰宏:
  代数曲面暗号系で用いる代数曲面に関する考察,
  電子情報通信学会技術研究報告, Vol.110, No.44, ISEC2010-7, pp.49-56, 2010年5月21日, 機械振興会館, 東京.
  
  

Attacks, Security Analysis

• 内山成憲, 徳永浩雄:
  代数曲面を用いた公開鍵暗号の安全性について,
  2007年暗号と情報セキュリティシンポジウム (SCIS2007) 講演予稿, 2C1-2, 2007年1月23日〜1月26日, ハウステンボス・ユトレヒト, 長崎.
  
  
• 岩見真希:
  代数曲面公開鍵暗号に対する簡約を利用した攻撃法,
  数理解析研究所講究録, Vol.1572, pp.114-123, 2007.
  
  
• M. Iwami:
  A reduction attack on Algebraic Surface Public-Key Cryptosystems,
  Revised and Invited Papers from the 8th Asian Symposium on Computer Mathematics (ASCM 2007),
  Lecture Notes in Artifical Intelligence, Springer-Verlag, Vol.5081, pp.323-332,
  December 15-17, 2007, Singapore.
  
  
• P. Ivanov and J. F. Voloch:
  Breaking the Akiyama-Goto cryptosystem,
  Cryptology ePrint Archive, Report 2008/284, June 2008.
  http://eprint.iacr.org/2008/284
  
  
• J.-C. Faugère and P.-J. Spaenlehauer:
  Algebraic cryptanalysis of the PKC'2009 Algebraic Surface Cryptosystem,
  Proceedings of the 13th International Conference on Practice and Theory in Public Key Cryptography (PKC 2010),
  Lecture Notes in Computer Science, Springer-Verlag, Vol.6056, pp.35-52,
  May 26-28, 2010, Paris, France.
  
  
• K. Sakumoto, T. Shirai, and H. Hiwatari:
  On the security of the algebraic surface signature scheme,
  電子情報通信学会技術研究報告, Vol.110, No.200, ISEC2010-39, pp.9-12, 2010年9月10日, 機械振興会館, 東京.
  
  
• S. Harada, Y. Wada, S. Uchiyama, and H. Tokunaga:
  On the reduction attack against the algebraic surface public-key cryptosystem(ASC04),
  JSIAM Letters, Vol.3, pp.53-56, 2011.