A "medium-field" multivariate public-key encryption scheme

Electronic commerce fundamentally requires two different public-key cryptographical primitives, for key agreement and authentication. We present the new encryption scheme MFE, and provide a performance and security review. MFE belongs to the M Q class, an alternative class of PKCs also termed Polynomial-Based, or multivariate. They depend on multivariate quadratic systems being unsolvable. The classical trapdoors central to PKC's axe modular exponentiation for RSA and discrete logarithms for ElGamal/DSA/ECC. But they are relatively slow and will be obsoleted by the arrival of QC (Quantum Computers). The argument for MQ-schemes is that they axe usually faster, and there are no known QC-assisted attacks on them. There are several MQ digital signature schemes being investigated today. But encryption (or key exchange schemes) are another story in fact, only two other MQ-encryption schemes remain unbroken. They are both built along "big-field" lines. In contrast MFE uses medium-sized field extensions, which makes it faster. For security and efficiency, MFE employs an iteratively triangular decryption process which involves rational functions (called by some "tractable rational maps") and taking square roots. We discuss how MFE avoids previously known pitfalls of this genre while addressing its security concerns.