This book discusses the current research concerning public key cryptosystems. It begins with an introduction to the basic concepts of multivariate cryptography and the history of this field. The authors provide a detailed description and security analysis of the most important multivariate public key schemes, including the four multivariate signature schemes participating as second round candidates in the NIST standardization process for post-quantum cryptosystems. Furthermore, this book covers the Simple Matrix encryption scheme, which is currently the most promising multivariate public key encryption scheme. This book also covers the current state of security analysis methods for Multivariate Public Key Cryptosystems including the algorithms and theory of solving systems of multivariate polynomial equations over finite fields. Through the book's website, interested readers can find source code to the algorithms handled in this book. In 1994, Dr. Peter Shor from Bell Laboratories proposed a quantum algorithm solving the Integer Factorization and the Discrete Logarithm problem in polynomial time, thus making all of the currently used public key cryptosystems, such as RSA and ECC insecure. Therefore, there is an urgent need for alternative public key schemes which are resistant against quantum computer attacks. Researchers worldwide, as well as companies and governmental organizations have put a tremendous effort into the development of post-quantum public key cryptosystems to meet this challenge. One of the most promising candidates for this are Multivariate Public Key Cryptosystems (MPKCs). The public key of an MPKC is a set of multivariate polynomials over a small finite field. Especially for digital signatures, numerous well-studied multivariate schemes offering very short signatures and high efficiency exist. The fact that these schemes work over small finite fields, makes them suitable not only for interconnected computer systems, but also for small devices with limited resources, which are used in ubiquitous computing. This book gives a systematic introduction into the field of Multivariate Public Key Cryptosystems (MPKC), and presents the most promising multivariate schemes for digital signatures and encryption. Although, this book was written more from a computational perspective, the authors try to provide the necessary mathematical background. Therefore, this book is suitable for a broad audience. This would include researchers working in either computer science or mathematics interested in this exciting new field, or as a secondary textbook for a course in MPKC suitable for beginning graduate students in mathematics or computer science. Information security experts in industry, computer scientists and mathematicians would also find this book valuable as a guide for understanding the basic mathematical structures necessary to implement multivariate cryptosystems for practical applications.

Multivariate public key cryptosystems (MPKC) is a fast-developing area in cryptography. This book systematically presents the subject matter for a broad audience and is the first book to focus on this exciting new topic. Information security experts in industry can use the book as a guide for understanding what is needed to implement these cryptosystems for practical applications, and researchers in both computer science and mathematics will find it a good starting point for exploring this new field. It is also suitable as a textbook for advanced-level students.

Threedecadesagopublic-keycryptosystemsmadea revolutionarybreakthrough in cryptography. They have developed into an indispensable part of our m- ern communication system. In practical applications RSA, DSA, ECDSA, and similar public key cryptosystems are commonly used. Their security depends on assumptions about the di?culty of certain problems in number theory, such as the Integer Prime Factorization Problem or the Discrete Logarithm Problem. However, in 1994 Peter Shor showed that quantum computers could break any public-key cryptosystembased on these hard number theory problems. This means that if a reasonably powerful quantum computer could be built, it would put essentially all modern communication into peril. In 2001, Isaac Chuang and NeilGershenfeldimplemented Shor'salgorithmona7-qubitquantumcomputer. In 2007 a 16-qubit quantum computer was demonstrated by a start-up company with the prediction that a 512-qubit or even a 1024-qubit quantum computer would become available in 2008. Some physicists predicted that within the next 10 to 20 years quantum computers will be built that are su?ciently powerful to implement Shor's ideas and to break all existing public key schemes. Thus we need to look ahead to a future of quantum computers, and we need to prepare the cryptographic world for that future.

This volume constitutes the proceedings of the 11th International Conference on post-quantum cryptography, PQCrypto 2020, held in Paris, France in April 2020. The 29 full papers presented in this volume were carefully reviewed and selected from 86 submissions. They cover a broad spectrum of research within the conference's scope, including code-, hash-, isogeny-, and lattice-based cryptography, multivariate cryptography, and quantum cryptanalysis.

This book constitutes the refereed proceedings of the 9th International Workshop on Post-Quantum Cryptography, PQCrypto 2018, held in Fort Lauderdale, FL, USA, in April 2018. The 24 revised full papers presented were carefully reviewed and selected from 97 submissions. The papers are organized in topical sections on Lattice-based Cryptography, Learning with Errors, Cryptanalysis, Key Establishment, Isogeny-based Cryptography, Hash-based cryptography, Code-based Cryptography.