The complexity of computing the solutions of a system of multivariate polynomial equations by means of Gr\"obner bases computations is upper bounded by a function of the solving degree. In this paper, we discuss how to rigorously estimate the solving degree of a system, focusing on systems arising within public-key cryptography. In particular, we show that it is upper bounded by, and often equal to, the Castelnuovo Mumford regularity of the ideal generated by the homogenization of the equations of the system, or by the equations themselves in case they are homogeneous. We discuss the underlying commutative algebra and clarify under which assumptions the commonly used results hold. In particular, we discuss the assumption of being in generic coordinates (often required for bounds obtained following this type of approach) and prove that systems that contain the field equations or their fake Weil descent are in generic coordinates. We also compare the notion of solving degree with that of degree of regularity, which is commonly used in the literature. We complement the paper with some examples of bounds obtained following the strategy that we describe.
翻译:以 Gr\'obner 基础计算方法计算多变量多元方程系统解决方案的复杂性由解析度函数的上限决定。 在本文中,我们讨论如何严格估计一个系统的解析度,重点是公用钥匙加密中产生的系统。我们特别表明,它由Castelnuovo Mumford 的常规性(通常等于Castelnuovo Mumford)所设定的理想性(该等式的等式是同性产生的)或等式本身(如果这些等式是同性的)所生成的理想性(我们讨论了基底交替代数,并澄清了通常使用的结果所依据的假设。特别是,我们讨论了如何假设一个通用坐标(通常用于按照这种方法获得的界限),并证明包含场方程方程或其假 Weil 血统的系统是通用坐标。我们还比较了解析度概念和文献中常用的规律性程度概念。我们用一些按照我们描述的战略获得的界限的例子来补充该文件。