Degree of regularity for HFE-

In this paper, we prove a closed formula for the degree of regularity of the family of HFE(HFE Minus) multivariate public key cryptosystems over a finite field of size q. The degree of regularity of the polynomial system derived from an HFEsystem is less than or equal to (q − 1)(blogq(D − 1)c+ a) 2 + 2 if q is even and r + a is odd, (q − 1)(blogq(D − 1)c+ a + 1) 2 + 2 otherwise. Here q is the base field size, D the degree of the HFE polynomial, r = blogq(D−1)c+1 and a is the number of removed equations (Minus number). This allows us to present an estimate of the complexity of breaking the HFE Challenge 2: • the complexity to break the HFE Challenge 2 directly using algebraic solvers is about 296.