Algorithm for Solving Massively Underdefined Systems of Multivariate Quadratic Equations over Finite Fields

Solving systems of m multivariate quadratic equations in n variables (MQ-problem) over finite fields is NP-hard. The security of many cryptographic systems is based on this problem. Up to now, the best algorithm for solving the underdefined MQ-problem is Hiroyuki Miura et al.'s algorithm, which is a polynomial-time algorithm when [n \ge m(m + 3)/2] and the characteristic of the field is even. In order to get a wider applicable range, we reduce the underdefined MQ-problem to the problem of finding square roots over finite field, and then combine with the guess and determine method. In this way, the applicable range is extended to [n \ge m(m + 1)/2], which is the widest range until now. Theory analysis indicates that the complexity of our algorithm is [O(q{n^\omega }m{(\log {\kern 1pt} {\kern 1pt} q)^2}){\kern 1pt} ] when characteristic of the field is even and [O(q{2^m}{n\omega }m{(\log {\kern 1pt} {\kern 1pt} q)^2})] when characteristic of the field is odd, where [2 \le \omega \le 3] is the complexity of Gaussian elimination.