Cryptanalysis of a key agreement protocol over the ring of multivariate polynomials
Sakalauskas et al. proposed a key agreement protocol based on multivariate polynomials. We find that it's not secure for several reasons. In this paper, we show that the protocol has at least two problems. One is the neglect of a notion in matrix theory named minimum polynomial, which makes it very vulnerable to brutal force attacks. The other is that the scheme has a structural problem that make the scheme linearized easily.