**FHPKE based on multivariate discrete logarithm problem**

*Masahiro Yagisawa*

**Abstract: **Previously I proposed fully homomorphic public-key encryption (FHPKE) based on discrete logarithm problem which is vulnerable to quantum computer attacks. In this paper I propose FHPKE based on multivariate discrete logarithm assumption. This encryption scheme is thought to withstand to quantum computer attacks. Though I can construct this scheme over many non-commutative rings, I will adopt the FHPKE scheme based on the octonion ring as the typical example for showing how this scheme is constructed. The multivariate discrete logarithm problem (MDLP) is defined such that given f(x), g(x), h(x) and a prime q, final goal is to find m0, m1, n0, n1∈Fq* where h(x)=f ^m0(g^n0(x))+f ^m1(g^n1(x)) mod q over octonion ring.

**Category / Keywords: **fully homomorphic public-key encryption, multivariate discrete logarithm problem, octonion ring, post quantum cryptography

**Original Publication**** (with major differences): **Masahiro, Y. (2017). Fully Homomorphic Public-Key Encryption with Three Ciphertexts which was published by LAP LAMBERT Academic Publishing, Saarbrücken/Germany

**Date: **received 17 May 2017, last revised 17 Jun 2017

**Contact author: **tfkt8398yagi at outlook jp

**Available format(s): **PDF | BibTeX Citation

**Note: **As | h(1)| = |g^(-n)(f^m(g^n(1)))|=|f^m(1)|=α^m mod q, I substitute the public key h(X)= g^(-n)(f^m(g^n(X)))mod q to h(X)= f^m0(g^n0(x))+f^m1(g^n1(x)) mod q where α∈Fq* is a calculable parameter and m0, m1, n0, n1∈Fq* are secret parameters. Then it is difficult to obtain the values of m0, m1, n0, n1 from h(X).

**Version: **20170617:072850 (All versions of this report)

**Short URL: **ia.cr/2017/426

[ Cryptology ePrint archive ]