The computation of Gröbner bases is a difficult task often encountered in cryptanalysis, the destructive aspect of cryptology. As a general rule, such difficult tasks can be reused constructively, as foundations for new cryptosystems. However, for the specific case of the computations of Gröbner bases, this general rule has been challenged [1]. The goal of this paper is to face this challenge and come up with new cryptosystems based on the hardness of computing Gröbner bases. However, the proposed solution is based on a degenerate version of the general problem. In this degenerate version, the ideals are represented by very sparse polynomials containing only two monomials. As shown in the paper, in this degenerate case, the ideal can also be represented by a simpler object: a lattice. Note that many lattice-based cryptosystems have already been proposed in the literature.

After exhibiting this degenerate case, the paper proceeds to construct two examples of these cryptosystems. The first example uses lattices of a special form and the second is a proposal to generalize the NTRU cryptosystem. Of course, these two systems have not yet been thoroughly studied and their security is mostly an open question. The paper precisely ends, asking whether the proposed systems are insecure or whether they contradict the thesis of Barkee et al. [1].