Cryptology ePrint Archive: Report 2005/312

A New Efficient Algorithm for Solving Systems of Multivariate Polynomial Equations

Xijin Tang and Yong Feng

Abstract: The security of many recently proposed cryptosystems is based on the difficulty of solving large systems of quadratic multivariate polynomial equations. The classical algorithm for solving such a system is Buchberger's algorithm for constructing Gr\"{o}bner bases. Another algorithm for solving such a system is XL algorithm. For sparse system, Buchberger's algorithm benefits from sparsity of the system, but its complexity is impractical and hard to determine. XL could not make a good use of sparse structure of the system, since XL has no good strategy of choosing the multiply monomials.

In this paper, based on Extended Dixon Resultants, a new algorithm DR is proposed to solve systems of multivariate polynomial equations. The basic idea of DR is to apply Extended Dixon Resultants method to system of multivariate polynomial equations, by taking $x_1 \ldots x_{n-1}$ as variables and $x_n$ as parameter. The time complexity of DR technique is evaluated, it seems to be polynomial when the system is sparse and $m=n$ and mixed volume is polynomial. As far as we know, it is the first algorithm which has better behavior than exhaustive search for some sparse systems over large field. Moreover, DR technique is compared with Buchberger's algorithm and XL technique in this paper. It is shown that DR is far more efficient than Buchberger's algorithm and XL when $m=n$. DR is a quite efficient algorithm, it makes a good use of the sparsity of the sparse system. Besides its efficiency, another advantage of DR is that its complexity is easy to determine.

Category / Keywords: multivariate cryptography, cryptography,polynomial equations over finite field, algebraic attack, Dixon Resultants, DR.

Date: received 5 Sep 2005

Contact author: tangxij at mails gucas ac cn

Available format(s): PDF | BibTeX Citation

Version: 20050912:120940 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]