{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,28]],"date-time":"2026-02-28T13:00:42Z","timestamp":1772283642681,"version":"3.50.1"},"publisher-location":"Cham","reference-count":52,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783319706931","type":"print"},{"value":"9783319706948","type":"electronic"}],"license":[{"start":{"date-parts":[[2017,1,1]],"date-time":"2017-01-01T00:00:00Z","timestamp":1483228800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2017,1,1]],"date-time":"2017-01-01T00:00:00Z","timestamp":1483228800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2017]]},"DOI":"10.1007\/978-3-319-70694-8_2","type":"book-chapter","created":{"date-parts":[[2017,11,29]],"date-time":"2017-11-29T08:53:53Z","timestamp":1511945633000},"page":"37-64","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":6,"title":["An Existential Unforgeable Signature Scheme Based on Multivariate Quadratic Equations"],"prefix":"10.1007","author":[{"given":"Kyung-Ah","family":"Shim","sequence":"first","affiliation":[]},{"given":"Cheol-Min","family":"Park","sequence":"additional","affiliation":[]},{"given":"Namhun","family":"Koo","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2017,11,30]]},"reference":[{"key":"2_CR1","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"19","DOI":"10.1007\/978-3-642-31410-0_2","volume-title":"Progress in Cryptology - AFRICACRYPT 2012","author":"SM El Yousfi Alaoui","year":"2012","unstructured":"El Yousfi Alaoui, S.M., Dagdelen, \u00d6., V\u00e9ron, P., Galindo, D., Cayrel, P.-L.: Extended security arguments for signature schemes. In: Mitrokotsa, A., Vaudenay, S. (eds.) AFRICACRYPT 2012. LNCS, vol. 7374, pp. 19\u201334. Springer, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-31410-0_2"},{"key":"2_CR2","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"446","DOI":"10.1007\/978-3-642-54631-0_26","volume-title":"Public-Key Cryptography \u2013 PKC 2014","author":"MR Albrecht","year":"2014","unstructured":"Albrecht, M.R., Faug\u00e9re, J.-C., Fitzpatrick, R., Perret, L., Todo, Y., Xagawa, K.: Practical cryptanalysis of a public-key encryption scheme based on new multivariate quadratic assumptions. In: Krawczyk, H. (ed.) PKC 2014. LNCS, vol. 8383, pp. 446\u2013464. Springer, Heidelberg (2014). https:\/\/doi.org\/10.1007\/978-3-642-54631-0_26"},{"key":"2_CR3","unstructured":"Alkim, E., Bindel, N., Buchmann, J., Dagdelen, O., Schwabe, P.: TESLA: tightly-secure efficient signatures from standard lattices, Cryptology ePrint Archive: Report 2015\/755 (2015)"},{"key":"2_CR4","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"207","DOI":"10.1007\/11745853_14","volume-title":"Public Key Cryptography - PKC 2006","author":"DJ Bernstein","year":"2006","unstructured":"Bernstein, D.J.: Curve25519: new diffie-hellman speed records. In: Yung, M., Dodis, Y., Kiayias, A., Malkin, T. (eds.) PKC 2006. LNCS, vol. 3958, pp. 207\u2013228. Springer, Heidelberg (2006). https:\/\/doi.org\/10.1007\/11745853_14"},{"key":"2_CR5","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"368","DOI":"10.1007\/978-3-662-46800-5_15","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2015","author":"DJ Bernstein","year":"2015","unstructured":"Bernstein, D.J., et al.: SPHINCS: practical stateless hash-based signatures. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9056, pp. 368\u2013397. Springer, Heidelberg (2015). https:\/\/doi.org\/10.1007\/978-3-662-46800-5_15"},{"key":"2_CR6","unstructured":"Bernstein, D.J., Lange, T.: eBACS: ECRYPT benchmarking of cryptographic systems. http:\/\/bench.cr.yp.to. Accessed 30 Sept 2016"},{"key":"2_CR7","doi-asserted-by":"publisher","first-page":"177","DOI":"10.1515\/JMC.2009.009","volume":"3","author":"L Bettale","year":"2009","unstructured":"Bettale, L., Faug\u00e9re, J.-C., Perret, L.: Hybrid approach for solving multivariate systems over finite fields. J. Math. Cryptol. 3, 177\u2013197 (2009)","journal-title":"J. Math. Cryptol."},{"key":"2_CR8","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"408","DOI":"10.1007\/3-540-45539-6_28","volume-title":"Advances in Cryptology\u2014EUROCRYPT 2000","author":"E Biham","year":"2000","unstructured":"Biham, E.: Cryptanalysis of patarin\u2019s 2-round public key system with S boxes (2R). In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 408\u2013416. Springer, Heidelberg (2000). https:\/\/doi.org\/10.1007\/3-540-45539-6_28"},{"key":"2_CR9","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"336","DOI":"10.1007\/11832072_23","volume-title":"Security and Cryptography for Networks","author":"O Billet","year":"2006","unstructured":"Billet, O., Gilbert, H.: Cryptanalysis of rainbow. In: Prisco, R., Yung, M. (eds.) SCN 2006. LNCS, vol. 4116, pp. 336\u2013347. Springer, Heidelberg (2006). https:\/\/doi.org\/10.1007\/11832072_23"},{"key":"2_CR10","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"63","DOI":"10.1007\/978-3-662-45611-8_4","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2014","author":"A Biryukov","year":"2014","unstructured":"Biryukov, A., Bouillaguet, C., Khovratovich, D.: Cryptographic schemes based on the ASASA structure: black-box, white-box, and public-key (extended abstract). In: Sarkar, P., Iwata, T. (eds.) ASIACRYPT 2014. LNCS, vol. 8873, pp. 63\u201384. Springer, Heidelberg (2014). https:\/\/doi.org\/10.1007\/978-3-662-45611-8_4"},{"key":"2_CR11","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"45","DOI":"10.1007\/978-3-540-85053-3_4","volume-title":"Cryptographic Hardware and Embedded Systems \u2013 CHES 2008","author":"A Bogdanov","year":"2008","unstructured":"Bogdanov, A., Eisenbarth, T., Rupp, A., Wolf, C.: Time-area optimized public-key engines: $$\\cal{MQ}$$-cryptosystems as replacement for elliptic curves? In: Oswald, E., Rohatgi, P. (eds.) CHES 2008. LNCS, vol. 5154, pp. 45\u201361. Springer, Heidelberg (2008). https:\/\/doi.org\/10.1007\/978-3-540-85053-3_4"},{"key":"2_CR12","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"33","DOI":"10.1007\/978-3-642-04138-9_3","volume-title":"Cryptographic Hardware and Embedded Systems - CHES 2009","author":"AI-T Chen","year":"2009","unstructured":"Chen, A.I.-T., et al.: SSE implementation of multivariate PKCs on modern x86 CPUs. In: Clavier, C., Gaj, K. (eds.) CHES 2009. LNCS, vol. 5747, pp. 33\u201348. Springer, Heidelberg (2009). https:\/\/doi.org\/10.1007\/978-3-642-04138-9_3"},{"key":"2_CR13","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"135","DOI":"10.1007\/978-3-662-53890-6_5","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2016","author":"M-S Chen","year":"2016","unstructured":"Chen, M.-S., H\u00fclsing, A., Rijneveld, J., Samardjiska, S., Schwabe, P.: From 5-pass $$\\cal{MQ}$$-based identification to $$\\cal{MQ}$$-based signatures. In: Cheon, J.H., Takagi, T. (eds.) ASIACRYPT 2016. LNCS, vol. 10032, pp. 135\u2013165. Springer, Heidelberg (2016). https:\/\/doi.org\/10.1007\/978-3-662-53890-6_5"},{"key":"2_CR14","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"402","DOI":"10.1007\/3-540-45682-1_24","volume-title":"Advances in Cryptology \u2014 ASIACRYPT 2001","author":"NT Courtois","year":"2001","unstructured":"Courtois, N.T.: Efficient zero-knowledge authentication based on a linear algebra problem MinRank. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 402\u2013421. Springer, Heidelberg (2001). https:\/\/doi.org\/10.1007\/3-540-45682-1_24"},{"key":"2_CR15","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"374","DOI":"10.1007\/978-3-642-33027-8_22","volume-title":"Cryptographic Hardware and Embedded Systems \u2013 CHES 2012","author":"P Czypek","year":"2012","unstructured":"Czypek, P., Heyse, S., Thomae, E.: Efficient implementations of MQPKS on constrained devices. In: Prouff, E., Schaumont, P. (eds.) CHES 2012. LNCS, vol. 7428, pp. 374\u2013389. Springer, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-33027-8_22"},{"key":"2_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"164","DOI":"10.1007\/11496137_12","volume-title":"Applied Cryptography and Network Security","author":"J Ding","year":"2005","unstructured":"Ding, J., Schmidt, D.: Rainbow, a new multivariable polynomial signature scheme. In: Ioannidis, J., Keromytis, A., Yung, M. (eds.) ACNS 2005. LNCS, vol. 3531, pp. 164\u2013175. Springer, Heidelberg (2005). https:\/\/doi.org\/10.1007\/11496137_12"},{"key":"2_CR17","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"242","DOI":"10.1007\/978-3-540-68914-0_15","volume-title":"Applied Cryptography and Network Security","author":"J Ding","year":"2008","unstructured":"Ding, J., Yang, B.-Y., Chen, C.-H.O., Chen, M.-S., Cheng, C.-M.: New differential-algebraic attacks and reparametrization of rainbow. In: Bellovin, S.M., Gennaro, R., Keromytis, A., Yung, M. (eds.) ACNS 2008. LNCS, vol. 5037, pp. 242\u2013257. Springer, Heidelberg (2008). https:\/\/doi.org\/10.1007\/978-3-540-68914-0_15"},{"key":"2_CR18","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"315","DOI":"10.1007\/3-540-48405-1_20","volume-title":"Advances in Cryptology \u2014 CRYPTO 1999","author":"Y Ding-Feng","year":"1999","unstructured":"Ding-Feng, Y., Kwok-Yan, L., Zong-Duo, D.: Cryptanalysis of \u201c2R\u201d schemes. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 315\u2013325. Springer, Heidelberg (1999). https:\/\/doi.org\/10.1007\/3-540-48405-1_20"},{"key":"2_CR19","unstructured":"Ducas, L.: Accelerating bliss: the geometry of ternary polynomials, Cryptology ePrint Archive: Report 2014\/874 (2014)"},{"key":"2_CR20","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"40","DOI":"10.1007\/978-3-642-40041-4_3","volume-title":"Advances in Cryptology \u2013 CRYPTO 2013","author":"L Ducas","year":"2013","unstructured":"Ducas, L., Durmus, A., Lepoint, T., Lyubashevsky, V.: Lattice signatures and bimodal Gaussians. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013. LNCS, vol. 8042, pp. 40\u201356. Springer, Heidelberg (2013). https:\/\/doi.org\/10.1007\/978-3-642-40041-4_3"},{"issue":"2\u20133","key":"2_CR21","doi-asserted-by":"publisher","first-page":"493","DOI":"10.1007\/s10623-015-0087-1","volume":"77","author":"M D\u00fcll","year":"2015","unstructured":"D\u00fcll, M., Haase, B., Hinterw\u00e4lder, G., Hutter, M., Paar, C., S\u00e1nchez, A.H., Schwabe, P.: High-speed curve25519 on 8-bit, 16-bit and 32-bit microcontrollers. Des. Codes Crypt. 77(2\u20133), 493\u2013514 (2015)","journal-title":"Des. Codes Crypt."},{"key":"2_CR22","doi-asserted-by":"crossref","unstructured":"Faug\u00e9re, J.-C.: A new efficient algorithm for computing Gr\u00f6bner bases without reduction to zero (F5). In: ISSAC 2002, pp. 75\u201383 (2002)","DOI":"10.1145\/780506.780516"},{"key":"2_CR23","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"150","DOI":"10.1007\/978-3-662-46447-2_7","volume-title":"Public-Key Cryptography \u2013 PKC 2015","author":"J-C Faug\u00e8re","year":"2015","unstructured":"Faug\u00e8re, J.-C., Gligoroski, D., Perret, L., Samardjiska, S., Thomae, E.: A polynomial-time key-recovery attack on MQQ cryptosystems. In: Katz, J. (ed.) PKC 2015. LNCS, vol. 9020, pp. 150\u2013174. Springer, Heidelberg (2015). https:\/\/doi.org\/10.1007\/978-3-662-46447-2_7"},{"key":"2_CR24","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"280","DOI":"10.1007\/978-3-540-85174-5_16","volume-title":"Advances in Cryptology \u2013 CRYPTO 2008","author":"J-C Faug\u00e8re","year":"2008","unstructured":"Faug\u00e8re, J.-C., Levy-dit-Vehel, F., Perret, L.: Cryptanalysis of MinRank. In: Wagner, D. (ed.) CRYPTO 2008. LNCS, vol. 5157, pp. 280\u2013296. Springer, Heidelberg (2008). https:\/\/doi.org\/10.1007\/978-3-540-85174-5_16"},{"key":"2_CR25","doi-asserted-by":"crossref","unstructured":"Faug\u00e9re, J.-C., Perret, L.: High order derivatives and decomposition of multivariate polynomials. In: ACM International Symposium on Symbolic and Algebraic Computation, pp. 207\u2013214 (2009)","DOI":"10.1145\/1576702.1576732"},{"key":"2_CR26","volume-title":"Computers and Intractability: A Guide to the Theory of NP-Completeness","author":"MR Garey","year":"1979","unstructured":"Garey, M.R., Johnson, D.S.: Computers and Intractability: A Guide to the Theory of NP-Completeness. W.H. Freeman and Company, New York (1979)"},{"key":"2_CR27","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"475","DOI":"10.1007\/978-3-662-47989-6_23","volume-title":"Advances in Cryptology \u2013 CRYPTO 2015","author":"H Gilbert","year":"2015","unstructured":"Gilbert, H., Pl\u00fbt, J., Treger, J.: Key-recovery attack on the ASASA cryptosystem with expanding S-boxes. In: Gennaro, R., Robshaw, M. (eds.) CRYPTO 2015. LNCS, vol. 9215, pp. 475\u2013490. Springer, Heidelberg (2015). https:\/\/doi.org\/10.1007\/978-3-662-47989-6_23"},{"key":"2_CR28","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"184","DOI":"10.1007\/978-3-642-32298-3_13","volume-title":"Trusted Systems","author":"D Gligoroski","year":"2012","unstructured":"Gligoroski, D., \u00d8deg\u00e5rd, R.S., Jensen, R.E., Perret, L., Faug\u00e8re, J.-C., Knapskog, S.J., Markovski, S.: MQQ-SIG. In: Chen, L., Yung, M., Zhu, L. (eds.) INTRUST 2011. LNCS, vol. 7222, pp. 184\u2013203. Springer, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-32298-3_13"},{"key":"2_CR29","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"142","DOI":"10.1007\/978-3-319-11659-4_9","volume-title":"Post-Quantum Cryptography","author":"J Hoffstein","year":"2014","unstructured":"Hoffstein, J., Pipher, J., Schanck, J.M., Silverman, J.H., Whyte, W.: Transcript secure signatures based on modular lattices. In: Mosca, M. (ed.) PQCrypto 2014. LNCS, vol. 8772, pp. 142\u2013159. Springer, Cham (2014). https:\/\/doi.org\/10.1007\/978-3-319-11659-4_9"},{"key":"2_CR30","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"267","DOI":"10.1007\/BFb0054868","volume-title":"Algorithmic Number Theory","author":"J Hoffstein","year":"1998","unstructured":"Hoffstein, J., Pipher, J., Silverman, J.H.: NTRU: a ring-based public key cryptosystem. In: Buhler, J.P. (ed.) ANTS 1998. LNCS, vol. 1423, pp. 267\u2013288. Springer, Heidelberg (1998). https:\/\/doi.org\/10.1007\/BFb0054868"},{"key":"2_CR31","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"190","DOI":"10.1007\/978-3-642-30057-8_12","volume-title":"Public Key Cryptography \u2013 PKC 2012","author":"Y-J Huang","year":"2012","unstructured":"Huang, Y.-J., Liu, F.-H., Yang, B.-Y.: Public-key cryptography from new multivariate quadratic assumptions. In: Fischlin, M., Buchmann, J., Manulis, M. (eds.) PKC 2012. LNCS, vol. 7293, pp. 190\u2013205. Springer, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-30057-8_12"},{"key":"2_CR32","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"387","DOI":"10.1007\/978-3-662-49384-7_15","volume-title":"Public-Key Cryptography \u2013 PKC 2016","author":"A H\u00fclsing","year":"2016","unstructured":"H\u00fclsing, A., Rijneveld, J., Song, F.: Mitigating multi-target attacks in hash-based signatures. In: Cheng, C.-M., Chung, K.-M., Persiano, G., Yang, B.-Y. (eds.) PKC 2016. LNCS, vol. 9614, pp. 387\u2013416. Springer, Heidelberg (2016). https:\/\/doi.org\/10.1007\/978-3-662-49384-7_15"},{"key":"2_CR33","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"206","DOI":"10.1007\/3-540-48910-X_15","volume-title":"Advances in Cryptology \u2014 EUROCRYPT 1999","author":"A Kipnis","year":"1999","unstructured":"Kipnis, A., Patarin, J., Goubin, L.: Unbalanced oil and vinegar signature schemes. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 206\u2013222. Springer, Heidelberg (1999). https:\/\/doi.org\/10.1007\/3-540-48910-X_15"},{"key":"2_CR34","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"257","DOI":"10.1007\/BFb0055733","volume-title":"Advances in Cryptology \u2014 CRYPTO 1998","author":"A Kipnis","year":"1998","unstructured":"Kipnis, A., Shamir, A.: Cryptanalysis of the oil and vinegar signature scheme. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 257\u2013266. Springer, Heidelberg (1998). https:\/\/doi.org\/10.1007\/BFb0055733"},{"key":"2_CR35","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"474","DOI":"10.1007\/978-3-642-34931-7_27","volume-title":"Progress in Cryptology - INDOCRYPT 2012","author":"G Landais","year":"2012","unstructured":"Landais, G., Sendrier, N.: Implementing CFS. In: Galbraith, S., Nandi, M. (eds.) INDOCRYPT 2012. LNCS, vol. 7668, pp. 474\u2013488. Springer, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-34931-7_27"},{"key":"2_CR36","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"419","DOI":"10.1007\/3-540-45961-8_39","volume-title":"Advances in Cryptology \u2014 EUROCRYPT 1988","author":"T Matsumoto","year":"1988","unstructured":"Matsumoto, T., Imai, H.: Public quadratic polynomial-tuples for efficient signature-verification and message-encryption. In: Barstow, D., Brauer, W., Brinch Hansen, P., Gries, D., Luckham, D., Moler, C., Pnueli, A., Seegm\u00fcller, G., Stoer, J., Wirth, N., G\u00fcnther, C.G. (eds.) EUROCRYPT 1988. LNCS, vol. 330, pp. 419\u2013453. Springer, Heidelberg (1988). https:\/\/doi.org\/10.1007\/3-540-45961-8_39"},{"key":"2_CR37","unstructured":"McEliece, R.: A public-key cryptosystem based on algebraic coding theory, DSN progress report 42\u201344. Jet Propulsion Laboratories, Pasadena (1978)"},{"key":"2_CR38","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"369","DOI":"10.1007\/3-540-48184-2_32","volume-title":"Advances in Cryptology \u2014 CRYPTO 1987","author":"RC Merkle","year":"1988","unstructured":"Merkle, R.C.: A digital signature based on a conventional encryption function. In: Pomerance, C. (ed.) CRYPTO 1987. LNCS, vol. 293, pp. 369\u2013378. Springer, Heidelberg (1988). https:\/\/doi.org\/10.1007\/3-540-48184-2_32"},{"key":"2_CR39","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"3","DOI":"10.1007\/978-3-662-48800-3_1","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2015","author":"B Minaud","year":"2015","unstructured":"Minaud, B., Derbez, P., Fouque, P.-A., Karpman, P.: Key-recovery attacks on ASASA. In: Iwata, T., Cheon, J.H. (eds.) ASIACRYPT 2015. LNCS, vol. 9453, pp. 3\u201327. Springer, Heidelberg (2015). https:\/\/doi.org\/10.1007\/978-3-662-48800-3_1"},{"key":"2_CR40","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"33","DOI":"10.1007\/3-540-68339-9_4","volume-title":"Advances in Cryptology \u2014 EUROCRYPT 1996","author":"J Patarin","year":"1996","unstructured":"Patarin, J.: Hidden fields equations (HFE) and isomorphisms of polynomials (IP): two new families of asymmetric algorithms. In: Maurer, U. (ed.) EUROCRYPT 1996. LNCS, vol. 1070, pp. 33\u201348. Springer, Heidelberg (1996). https:\/\/doi.org\/10.1007\/3-540-68339-9_4"},{"key":"2_CR41","unstructured":"Patarin, J.: The oil and vinegar signature scheme. In: Dagstuhl Workshop on Cryptography, September 1997"},{"key":"2_CR42","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"282","DOI":"10.1007\/3-540-45353-9_21","volume-title":"Topics in Cryptology \u2014 CT-RSA 2001","author":"J Patarin","year":"2001","unstructured":"Patarin, J., Courtois, N., Goubin, L.: QUARTZ, 128-bit long digital signatures. In: Naccache, D. (ed.) CT-RSA 2001. LNCS, vol. 2020, pp. 282\u2013297. Springer, Heidelberg (2001). https:\/\/doi.org\/10.1007\/3-540-45353-9_21"},{"key":"2_CR43","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"369","DOI":"10.1007\/BFb0028492","volume-title":"Information and Communications Security","author":"J Patarin","year":"1997","unstructured":"Patarin, J., Goubin, L.: Asymmetric cryptography with S-boxes is it easier than expected to design efficient asymmetric cryptosystems? In: Han, Y., Okamoto, T., Qing, S. (eds.) ICICS 1997. LNCS, vol. 1334, pp. 369\u2013380. Springer, Heidelberg (1997). https:\/\/doi.org\/10.1007\/BFb0028492"},{"key":"2_CR44","unstructured":"Petzoldt, A.: Selecting and reducing key sizes for multivariate cryptography, Ph.D. thesis (2013)"},{"key":"2_CR45","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"311","DOI":"10.1007\/978-3-662-48797-6_14","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2015","author":"A Petzoldt","year":"2015","unstructured":"Petzoldt, A., Chen, M.-S., Yang, B.-Y., Tao, C., Ding, J.: Design principles for HFEv- based multivariate signature schemes. In: Iwata, T., Cheon, J.H. (eds.) ASIACRYPT 2015. LNCS, vol. 9452, pp. 311\u2013334. Springer, Heidelberg (2015). https:\/\/doi.org\/10.1007\/978-3-662-48797-6_14"},{"key":"2_CR46","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"346","DOI":"10.1007\/978-3-319-22174-8_19","volume-title":"Progress in Cryptology \u2013 LATINCRYPT 2015","author":"T P\u00f6ppelmann","year":"2015","unstructured":"P\u00f6ppelmann, T., Oder, T., G\u00fcneysu, T.: High-performance ideal lattice-based cryptography on 8-bit ATxmega microcontrollers. In: Lauter, K., Rodr\u00edguez-Henr\u00edquez, F. (eds.) LATINCRYPT 2015. LNCS, vol. 9230, pp. 346\u2013365. Springer, Cham (2015). https:\/\/doi.org\/10.1007\/978-3-319-22174-8_19"},{"key":"2_CR47","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"706","DOI":"10.1007\/978-3-642-22792-9_40","volume-title":"Advances in Cryptology \u2013 CRYPTO 2011","author":"K Sakumoto","year":"2011","unstructured":"Sakumoto, K., Shirai, T., Hiwatari, H.: Public-key identification schemes based on multivariate quadratic polynomials. In: Rogaway, P. (ed.) CRYPTO 2011. LNCS, vol. 6841, pp. 706\u2013723. Springer, Heidelberg (2011). https:\/\/doi.org\/10.1007\/978-3-642-22792-9_40"},{"key":"2_CR48","unstructured":"Shallit, J.O., Frandsen, G.S., Buss, J.F.: The computational complexity of some problems of linear algebra, BRICS series report, Aarhus, Denmark, RS-96-33. http:\/\/www.brics.dk\/RS\/96\/33"},{"issue":"5","key":"2_CR49","doi-asserted-by":"publisher","first-page":"1484","DOI":"10.1137\/S0097539795293172","volume":"26","author":"PW Shor","year":"1997","unstructured":"Shor, P.W.: Polynomial-time algorithms for prime factorization and discrete logarithms on a quantum computer. SIAM J. Comput. 26(5), 1484\u20131509 (1997)","journal-title":"SIAM J. Comput."},{"key":"2_CR50","unstructured":"Thomae, E.: About the security of multivariate quadratic public key schemes, Dissertation Thesis by Dipl. math. E. Thomae, RUB (2013)"},{"key":"2_CR51","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"275","DOI":"10.1007\/978-3-540-30580-4_19","volume-title":"Public Key Cryptography - PKC 2005","author":"C Wolf","year":"2005","unstructured":"Wolf, C., Preneel, B.: Large superfluous keys in $$\\cal{M}$$ultivariate $$\\cal{Q}$$uadratic asymmetric systems. In: Vaudenay, S. (ed.) PKC 2005. LNCS, vol. 3386, pp. 275\u2013287. Springer, Heidelberg (2005). https:\/\/doi.org\/10.1007\/978-3-540-30580-4_19"},{"key":"2_CR52","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"518","DOI":"10.1007\/11506157_43","volume-title":"Information Security and Privacy","author":"B-Y Yang","year":"2005","unstructured":"Yang, B.-Y., Chen, J.-M.: Building secure tame-like multivariate public-key cryptosystems: the new TTS. In: Boyd, C., Gonz\u00e1lez Nieto, J.M. (eds.) ACISP 2005. LNCS, vol. 3574, pp. 518\u2013531. Springer, Heidelberg (2005). https:\/\/doi.org\/10.1007\/11506157_43"}],"container-title":["Lecture Notes in Computer Science","Advances in Cryptology \u2013 ASIACRYPT 2017"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-70694-8_2","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,27]],"date-time":"2025-06-27T19:42:50Z","timestamp":1751053370000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-319-70694-8_2"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017]]},"ISBN":["9783319706931","9783319706948"],"references-count":52,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-70694-8_2","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2017]]},"assertion":[{"value":"30 November 2017","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ASIACRYPT","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on the Theory and Application of Cryptology and Information Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Hong Kong","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"China","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2017","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"3 December 2017","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"7 December 2017","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"23","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"asiacrypt2017","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/asiacrypt.iacr.org\/2017\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"This content has been made available to all.","name":"free","label":"Free to read"}]}}