Algorithm for Solving Massively Underdefined Systems of Multivariate Quadratic Equations over Finite Fields

Solving systems of m multivariate quadratic equations in n variables (MQ-problem) over finite fields is NP-hard. The security of many cryptographic systems is based on this problem. Up to now, the best algorithm for solving the underdefined MQ-problem is Hiroyuki Miura et al.'s algorithm, which is a polynomial-time algorithm when \[n \ge m(m + 3)/2\] and the characteristic of the field is even. In order to get a wider applicable range, we reduce the underdefined MQ-problem to the problem of finding square roots over finite field, and then combine with the guess and determine method. In this way, the applicable range is extended to \[n \ge m(m + 1)/2\], which is the widest range until now. Theory analysis indicates that the complexity of our algorithm is \[O(q{n^\omega }m{(\log {\kern 1pt} {\kern 1pt} q)^2}){\kern 1pt} \] when characteristic of the field is even and \[O(q{2^m}{n^\omega }m{(\log {\kern 1pt} {\kern 1pt} q)^2})\] when characteristic of the field is odd, where \[2 \le \omega \le 3\] is the complexity of Gaussian elimination.