Paper 2021/1070

Onyx: New Encryption and Signature Schemes with Multivariate Public Key in Degree 3

Gilles Macario-Rat and Jacques Patarin


In this paper, we present a new secret trapdoor function for the design of multivariate schemes that we call ``Onyx'', suitable for encryption and signature. It has been inspired by the schemes presented in Ariadne Thread and Pepper: New mul-tivariate cryptographic schemes with public keys in degree 3. . From this idea, we present some efficient encryption and signature multivariate schemes with explicit parameters that resist all known attacks. In particular they resist the two main (and often very powerful) attacks in this area: the Gröbner attacks (to compute a solution of the system derived from the public key) and the MinRank attacks (to recover the secret key). Specific attacks due to the properties of the function and its differential are also addressed in this paper. The ``Onyx'' schemes have public key equations of degree 3. Despite this, the size of the public key may still be reasonable since we can use larger fields and smaller extension degrees. Onyx signatures can be as short as the ``birthday paradox'' allows, i.e. twice the security level, or even shorter thanks to the Feistel-Patarin construction, like many other signatures schemes based on multivariate equations.

Available format(s)
Public-key cryptography
Publication info
Preprint. MINOR revision.
public-key cryptographypost-quantum multivariate cryptographyUOVHFEGröbner basisMinRank problemdifferential attacks.
Contact author(s)
gilles macariorat @ orange com
jpatarin @ club-internet fr
2021-12-16: last of 3 revisions
2021-08-23: received
See all versions
Short URL
Creative Commons Attribution


      author = {Gilles Macario-Rat and Jacques Patarin},
      title = {Onyx: New Encryption and Signature Schemes with Multivariate Public Key in Degree 3},
      howpublished = {Cryptology ePrint Archive, Paper 2021/1070},
      year = {2021},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.