Paper 2023/1650
An Efficient Variant of F4 Algorithm for Solving MQ Problem
Abstract
In this paper, we propose an enhanced variant of the F4 algorithm specifically designed for efficiently solving multivariate quadratic (MQ) problems, which are central to many post-quantum cryptographic schemes. Our approach overcomes a major inefficiency of conventional F4 by integrating a Hilbert-driven strategy that determines the optimal number of S-polynomials to generate at each degree, thereby reducing unnecessary zero reductions. We further introduce refined pair selection techniques that prioritize candidates yielding S-polynomials with smaller leading terms, which in turn minimizes the dimensions of intermediate matrices used during reduction. Experimental results show that our implementation outperforms state-of-the-art systems such as M4GB and Magma's F4 in both single-core and multi-core environments. Notably, our method sets new records in the Fukuoka MQ Challenge for Type VI problems over $\mathbb{F}_{31}$ with $m = 21$ and $m = 22$, demonstrating the robustness and practical impact of our approach in solving highly challenging MQ instances.
Metadata
- Available format(s)
-
PDF
- Category
- Attacks and cryptanalysis
- Publication info
- Preprint.
- Keywords
- post-quantum cryptographymultivariate cryptographyMQ problemGroebner basis
- Contact author(s)
-
sakata-kosuke-rb @ g ecc u-tokyo ac jp
takagi @ g ecc u-tokyo ac jp - History
- 2025-05-19: last of 2 revisions
- 2023-10-25: received
- See all versions
- Short URL
- https://ia.cr/2023/1650
- License
-
CC0
BibTeX
@misc{cryptoeprint:2023/1650,
author = {Kosuke Sakata and Tsuyoshi Takagi},
title = {An Efficient Variant of F4 Algorithm for Solving {MQ} Problem},
howpublished = {Cryptology {ePrint} Archive, Paper 2023/1650},
year = {2023},
url = {https://eprint.iacr.org/2023/1650}
}