{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,26]],"date-time":"2026-03-26T11:24:04Z","timestamp":1774524244754,"version":"3.50.1"},"publisher-location":"Cham","reference-count":32,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783319293592","type":"print"},{"value":"9783319293608","type":"electronic"}],"license":[{"start":{"date-parts":[[2016,1,1]],"date-time":"2016-01-01T00:00:00Z","timestamp":1451606400000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2016]]},"DOI":"10.1007\/978-3-319-29360-8_12","type":"book-chapter","created":{"date-parts":[[2016,2,3]],"date-time":"2016-02-03T05:46:23Z","timestamp":1454478383000},"page":"182-196","source":"Crossref","is-referenced-by-count":28,"title":["Extension Field Cancellation: A New Central Trapdoor for Multivariate Quadratic Systems"],"prefix":"10.1007","author":[{"given":"Alan","family":"Szepieniec","sequence":"first","affiliation":[]},{"given":"Jintai","family":"Ding","sequence":"additional","affiliation":[]},{"given":"Bart","family":"Preneel","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2016,2,4]]},"reference":[{"key":"12_CR1","unstructured":"NESSIE: New European Schemes for Signatures, Integrity, Encryption 05 November 2014 (2003). \n                    https:\/\/www.cosic.esat.kuleuven.be\/nessie\/"},{"issue":"1","key":"12_CR2","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/s10623-012-9617-2","volume":"69","author":"L Bettale","year":"2013","unstructured":"Bettale, L., Faug\u00e8re, J., Perret, L.: Cryptanalysis of HFE, multi-HFE and variants for odd and even characteristic. Des. Codes Crypt. 69(1), 1\u201352 (2013). \n                    http:\/\/dx.doi.org\/10.1007\/s10623-012-9617-2","journal-title":"Des. Codes Crypt."},{"key":"12_CR3","unstructured":"Billet, O., Patarin, J., Seurin, Y.: Analysis of intermediate field systems. IACR Cryptology ePrint Archive 2009, p. 542 (2009). \n                    http:\/\/eprint.iacr.org\/2009\/542"},{"key":"12_CR4","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"266","DOI":"10.1007\/3-540-45353-9_20","volume-title":"Topics in Cryptology - CT-RSA 2001","author":"NT Courtois","year":"2001","unstructured":"Courtois, N.T.: The security of Hidden Field Equations (HFE). In: Naccache, D. (ed.) CT-RSA 2001. LNCS, vol. 2020, pp. 266\u2013281. Springer, Heidelberg (2001). \n                    http:\/\/dx.doi.org\/10.1007\/3-540-45353-9_20"},{"key":"12_CR5","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"724","DOI":"10.1007\/978-3-642-22792-9_41","volume-title":"Advances in Cryptology \u2013 CRYPTO 2011","author":"J Ding","year":"2011","unstructured":"Ding, J., Hodges, T.J.: Inverting HFE systems is quasi-polynomial for all fields. In: Rogaway, P. (ed.) CRYPTO 2011. LNCS, vol. 6841, pp. 724\u2013742. Springer, Heidelberg (2011). \n                    http:\/\/dx.doi.org\/10.1007\/978-3-642-22792-9_41"},{"key":"12_CR6","unstructured":"Ding, J., Kleinjung, T.: Degree of regularity for HFE. In: IACR Cryptology ePrint Archive 2011, p. 570 (2011). \n                    http:\/\/eprint.iacr.org\/2011\/570"},{"key":"12_CR7","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"164","DOI":"10.1007\/11496137_12","volume-title":"Applied Cryptography and Network Security","author":"J Ding","year":"2005","unstructured":"Ding, J., Schmidt, D.: Rainbow, a new multivariable polynomial signature scheme. In: Ioannidis, J., Keromytis, A.D., Yung, M. (eds.) ACNS 2005. LNCS, vol. 3531, pp. 164\u2013175. Springer, Heidelberg (2005). \n                    http:\/\/dx.doi.org\/10.1007\/11496137_12"},{"key":"12_CR8","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"52","DOI":"10.1007\/978-3-642-38616-9_4","volume-title":"Post-Quantum Cryptography","author":"J Ding","year":"2013","unstructured":"Ding, J., Yang, B.-Y.: Degree of regularity for HFEv and HFEv. In: Gaborit, P. (ed.) PQCrypto 2013. LNCS, vol. 7932, pp. 52\u201366. Springer, Heidelberg (2013). \n                    http:\/\/dx.doi.org\/10.1007\/978-3-642-38616-9_4"},{"key":"12_CR9","unstructured":"Ding, J., Yang, B., Cheng, C., Chen, C.O., Dubois, V.: Breaking the symmetry: a way to resist the new differential attack. IACR Cryptology ePrint Archive 2007, p. 366 (2007). \n                    http:\/\/eprint.iacr.org\/2007\/366"},{"key":"12_CR10","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-540-74143-5_1","volume-title":"Advances in Cryptology - CRYPTO 2007","author":"V Dubois","year":"2007","unstructured":"Dubois, V., Fouque, P.-A., Shamir, A., Stern, J.: Practical cryptanalysis of SFLASH. In: Menezes, A. (ed.) CRYPTO 2007. LNCS, vol. 4622, pp. 1\u201312. Springer, Heidelberg (2007). \n                    http:\/\/dx.doi.org\/10.1007\/978-3-540-74143-5_1"},{"key":"12_CR11","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"264","DOI":"10.1007\/978-3-540-72540-4_15","volume-title":"Advances in Cryptology - EUROCRYPT 2007","author":"V Dubois","year":"2007","unstructured":"Dubois, V., Fouque, P.-A., Stern, J.: Cryptanalysis of SFLASH with slightly modified parameters. In: Naor, M. (ed.) EUROCRYPT 2007. LNCS, vol. 4515, pp. 264\u2013275. Springer, Heidelberg (2007). \n                    http:\/\/dx.doi.org\/10.1007\/978-3-540-72540-4_15"},{"issue":"1","key":"12_CR12","doi-asserted-by":"publisher","first-page":"61","DOI":"10.1016\/S0022-4049(99)00005-5","volume":"139","author":"JC Faugere","year":"1999","unstructured":"Faugere, J.C.: A new efficient algorithm for computing gr\u00f6bner bases (f 4). J. Pure Appl. Algebra 139(1), 61\u201388 (1999)","journal-title":"J. Pure Appl. Algebra"},{"key":"12_CR13","unstructured":"Faug\u00e8re, J.C.: A new efficient algorithm for computing gr\u00f6bner bases without reduction to zero (f5). In: Proceedings of the 2002 International Symposium on Symbolic and Algebraic Computation, ISSAC 2002, pp. 75\u201383. ACM, New York (2002). \n                    http:\/\/doi.acm.org\/10.1145\/780506.780516"},{"key":"12_CR14","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"44","DOI":"10.1007\/978-3-540-45146-4_3","volume-title":"Advances in Cryptology - CRYPTO 2003","author":"J-C Faug\u00e8re","year":"2003","unstructured":"Faug\u00e8re, J.-C., Joux, A.: Algebraic cryptanalysis of Hidden Field Equation (HFE) cryptosystems using Gr\u00f6bner bases. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 44\u201360. Springer, Heidelberg (2003). \n                    http:\/\/dx.doi.org\/10.1007\/978-3-540-45146-4_3"},{"key":"12_CR15","series-title":"Lecture Notes in Computer Science","volume-title":"Post-Quantum Cryptography","year":"2013","unstructured":"Gaborit, P. (ed.): PQCrypto 2013. LNCS, vol. 7932. Springer, Heidelberg (2013). \n                    http:\/\/dx.doi.org\/10.1007\/978-3-642-38616-9"},{"key":"12_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"267","DOI":"10.1007\/BFb0054868","volume-title":"Algorithmic Number Theory","author":"J Hoffstein","year":"1998","unstructured":"Hoffstein, J., Pipher, J., Silverman, J.H.: NTRU: a ring-based public key cryptosystem. In: Buhler, J.P. (ed.) ANTS 1998. LNCS, vol. 1423, pp. 267\u2013288. Springer, Heidelberg (1998). \n                    http:\/\/dx.doi.org\/10.1007\/BFb0054868"},{"key":"12_CR17","series-title":"Lecture Notes in Computer Science","volume-title":"Advances in Cryptology - EUROCRYPT 1999","author":"A Kipnis","year":"1999","unstructured":"Kipnis, A., Patarin, J., Goubin, L.: Unbalanced oil and vinegar signature schemes. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592. Springer, Heidelberg (1999). \n                    http:\/\/dx.doi.org\/10.1007\/3-540-48910-X_15"},{"key":"12_CR18","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"19","DOI":"10.1007\/3-540-48405-1_2","volume-title":"Advances in Cryptology - CRYPTO 1999","author":"A Kipnis","year":"1999","unstructured":"Kipnis, A., Shamir, A.: Cryptanalysis of the HFE public key cryptosystem by relinearization. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 19\u201330. Springer, Heidelberg (1999). \n                    http:\/\/dx.doi.org\/10.1007\/3-540-48405-1_2"},{"key":"12_CR19","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"419","DOI":"10.1007\/3-540-45961-8_39","volume-title":"Advances in Cryptology - EUROCRYPT 1988","author":"T Matsumoto","year":"1988","unstructured":"Matsumoto, T., Imai, H.: Public quadratic polynomial-tuples for efficient signature-verification and message-encryption. In: G\u00fcnther, C.G. (ed.) EUROCRYPT 1988. LNCS, vol. 330, pp. 419\u2013453. Springer, Heidelberg (1988). \n                    http:\/\/dx.doi.org\/10.1007\/3-540-45961-8_39"},{"issue":"44","key":"12_CR20","first-page":"114","volume":"42","author":"RJ McEliece","year":"1978","unstructured":"McEliece, R.J.: A public-key cryptosystem based on algebraic coding theory. DSN Prog. Rep. 42(44), 114\u2013116 (1978)","journal-title":"DSN Prog. Rep."},{"key":"12_CR21","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"248","DOI":"10.1007\/3-540-44750-4_20","volume-title":"Advances in Cryptology - CRYPTO 1995","author":"J Patarin","year":"1995","unstructured":"Patarin, J.: Cryptanalysis of the Matsumoto and Imai public key scheme of Eurocrypt 1988. In: Coppersmith, D. (ed.) CRYPTO 1995. LNCS, vol. 963, pp. 248\u2013261. Springer, Heidelberg (1995). \n                    http:\/\/dx.doi.org\/10.1007\/3-540-44750-4_20"},{"key":"12_CR22","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"33","DOI":"10.1007\/3-540-68339-9_4","volume-title":"Advances in Cryptology - EUROCRYPT 1996","author":"J Patarin","year":"1996","unstructured":"Patarin, J.: Hidden fields equations (HFE) and isomorphisms of polynomials (IP): two new families of asymmetric algorithms. In: Maurer, U.M. (ed.) EUROCRYPT 1996. LNCS, vol. 1070, pp. 33\u201348. Springer, Heidelberg (1996). \n                    http:\/\/dx.doi.org\/10.1007\/3-540-68339-9_4"},{"key":"12_CR23","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"35","DOI":"10.1007\/3-540-49649-1_4","volume-title":"Advances in Cryptology - ASIACRYPT 1998","author":"J Patarin","year":"1998","unstructured":"Patarin, J., Goubin, L., Courtois, N.T.: \n                    \n                      \n                    \n                    $$C_-+^*$$\n                   and HM: variations around two schemes of T. Matsumoto and H. Imai. In: Ohta, K., Pei, D. (eds.) ASIACRYPT 1998. LNCS, vol. 1514, pp. 35\u201350. Springer, Heidelberg (1998). \n                    http:\/\/dx.doi.org\/10.1007\/3-540-49649-1_4"},{"key":"12_CR24","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"229","DOI":"10.1007\/978-3-319-11659-4_14","volume-title":"Post-Quantum Cryptography","author":"J Porras","year":"2014","unstructured":"Porras, J., Baena, J., Ding, J.: ZHFE, a new multivariate public key encryption scheme. In: Mosca, M. (ed.) PQCrypto 2014. LNCS, vol. 8772, pp. 229\u2013245. Springer, Heidelberg (2014). \n                    http:\/\/dx.doi.org\/10.1007\/978-3-319-11659-4_14"},{"key":"12_CR25","series-title":"Lecture Notes in Computer Science","first-page":"1","volume-title":"Advances in Cryptology - CRYPTO 1993","author":"A Shamir","year":"1994","unstructured":"Shamir, A.: Efficient signature schemes based on birational permutations. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 1\u201312. Springer, Heidelberg (1994). \n                    http:\/\/dx.doi.org\/10.1007\/3-540-48329-2_1"},{"key":"12_CR26","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-642-12929-2_1","volume-title":"Post-Quantum Cryptography","author":"D Smith-Tone","year":"2010","unstructured":"Smith-Tone, D.: Properties of the discrete differential with cryptographic applications. In: Sendrier, N. (ed.) PQCrypto 2010. LNCS, vol. 6061, pp. 1\u201312. Springer, Heidelberg (2010). \n                    http:\/\/dx.doi.org\/10.1007\/978-3-642-12929-2_1"},{"key":"12_CR27","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"231","DOI":"10.1007\/978-3-642-38616-9_16","volume-title":"Post-Quantum Cryptography","author":"C Tao","year":"2013","unstructured":"Tao, C., Diene, A., Tang, S., Ding, J.: Simple matrix scheme for encryption. In: Gaborit, P. (ed.) PQCrypto 2013. LNCS, vol. 7932, pp. 231\u2013242. Springer, Heidelberg (2013). \n                    http:\/\/dx.doi.org\/10.1007\/978-3-642-38616-9_16"},{"key":"12_CR28","unstructured":"Thomae, E.: About the security of multivariate quadratic public key schemes. Ph.D. thesis, Ruhr-Universit\u00e4t Bochum (2013)"},{"key":"12_CR29","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"188","DOI":"10.1007\/978-3-642-31410-0_12","volume-title":"Progress in Cryptology - AFRICACRYPT 2012","author":"E Thomae","year":"2012","unstructured":"Thomae, E., Wolf, C.: Cryptanalysis of enhanced TTS, STS and all its variants, or: why cross-terms are important. In: Mitrokotsa, A., Vaudenay, S. (eds.) AFRICACRYPT 2012. LNCS, vol. 7374, pp. 188\u2013202. Springer, Heidelberg (2012). \n                    http:\/\/dx.doi.org\/10.1007\/978-3-642-31410-0_12"},{"issue":"1","key":"12_CR30","doi-asserted-by":"publisher","first-page":"54","DOI":"10.1109\/TIT.1986.1057137","volume":"32","author":"DH Wiedemann","year":"1986","unstructured":"Wiedemann, D.H.: Solving sparse linear equations over finite fields. IEEE Trans. Inf. Theor. 32(1), 54\u201362 (1986)","journal-title":"IEEE Trans. Inf. Theor."},{"issue":"3","key":"12_CR31","doi-asserted-by":"publisher","first-page":"285","DOI":"10.1007\/s10623-006-0015-5","volume":"40","author":"C Wolf","year":"2006","unstructured":"Wolf, C., Braeken, A., Preneel, B.: On the security of stepwise triangular systems. Des. Codes Crypt. 40(3), 285\u2013302 (2006). \n                    http:\/\/dx.doi.org\/10.1007\/s10623-006-0015-5","journal-title":"Des. Codes Crypt."},{"key":"12_CR32","unstructured":"Wolf, C., Preneel, B.: Taxonomy of public key schemes based on the problem of multivariate quadratic equations. In: IACR Cryptology ePrint Archive 2005, p. 77 (2005). \n                    http:\/\/eprint.iacr.org\/2005\/077"}],"container-title":["Lecture Notes in Computer Science","Post-Quantum Cryptography"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-29360-8_12","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,6,1]],"date-time":"2019-06-01T08:47:05Z","timestamp":1559378825000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-29360-8_12"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2016]]},"ISBN":["9783319293592","9783319293608"],"references-count":32,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-29360-8_12","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2016]]}}}