Welcome to the MQDSS website

MQDSS is a digital signature based on the hardness of the MQ (multivariate quadratic) problem. It is the first multivariate signature scheme whose security has been proven in the random oracle model.

The design of MQDSS follows the Fiat-Shamir paradigm of transforming secure identification schemes into secure digital signatures. It is obtained from the 5-pass SSH (Sakumoto, Shirai, and Hiwatari) identification scheme

MQDSS is one of the candidate algorithms in the NIST post-quantum cryptography project.

The submission proposes two parameter sets with target levels 1-2 and 3-4.

  • MQDSS-31-48 (security level 1-2)
  • MQDSS-31-64 (security level 3-4)

Check the Specification page for more details on the design of MQDSS, and the Software page for reference and optimized implementations.