Summary: Electronic commerce fundamentally requires two different public-key cryptographical primitives, for key agreement and authentication. We present the new encryption scheme MFE, and provide a performance and security review. MFE belongs to the \(\mathcal{MQ}\) class, an alternative class of PKCs also termed polynomial-based, or multivariate. They depend on multivariate quadratic systems being unsolvable.
The classical trapdoors central to PKC’s are modular exponentiation for RSA and discrete logarithms for ElGamal/DSA/ECC. But they are relatively slow and will be obsoleted by the arrival of QC (Quantum Computers). The argument for \(\mathcal{MQ}\)-schemes is that they are usually faster, and there are no known QC-assisted attacks on them.
There are several \(\mathcal{MQ}\) digital signature schemes being investigated today. But encryption (or key exchange schemes) are another story-in fact, only two other \(\mathcal{MQ}\)-encryption schemes remain unbroken. They are both built along “big-field” lines. In contrast MFE uses medium-sized field extensions, which makes it faster. For security and efficiency, MFE employs an iteratively triangular decryption process which involves rational functions (called by some “tractable rational maps”) and taking square roots. We discuss how MFE avoids previously known pitfalls of this genre while addressing its security concerns.
For the entire collection see [Zbl 1098.94003].