diff --git a/include/codecrypt.h b/include/codecrypt.h
index a01c0c2..6669479 100644
--- a/include/codecrypt.h
+++ b/include/codecrypt.h
@@ -50,6 +50,7 @@ public:
 /*
  * matrix over GF(2) is a vector of columns
  */
+class permutation;
 class matrix : public std::vector<bvector>
 {
 protected:
@@ -71,6 +72,9 @@ public:
 	bool compute_inversion (matrix&);
 	void generate_random_invertible (uint, prng&);
 	void unit (uint);
+	bool get_left_square (matrix&);
+	bool strip_left_square (matrix&);
+	bool goppa_systematic_form (matrix&, permutation&, prng&);
 };
 
 /*
@@ -141,12 +145,12 @@ class privkey
 public:
 	matrix Sinv;
 	permutation Pinv;
-
-	matrix h;
-	permutation hsys;
-
 	polynomial g;
-	matrix sqInv; //"cache"
+
+	// derivable things not needed in actual key
+	matrix h;
+	permutation hperm;
+	matrix sqInv;
 
 	int decrypt (const bvector&, bvector&);
 	int sign (const bvector&, bvector&, uint, uint, prng&);
diff --git a/lib/matrix.cpp b/lib/matrix.cpp
index 4492659..f44b695 100644
--- a/lib/matrix.cpp
+++ b/lib/matrix.cpp
@@ -109,3 +109,34 @@ void matrix::generate_random_invertible (uint size, prng & rng)
 	p.permute (lt, *this);
 }
 
+bool matrix::get_left_square (matrix&r)
+{
+	uint h = height();
+	if (width() < h) return false;
+	r.resize (h);
+	for (uint i = 0; i < h; ++i) r[i] = item (i);
+	return true;
+}
+
+bool matrix::strip_left_square (matrix&r)
+{
+	uint h = height(), w = width();
+	if (w < h) return false;
+	r.resize (w - h);
+	for (uint i = 0; i < w - h; ++i) r[i] = item (h + i);
+	return true;
+}
+
+bool matrix::goppa_systematic_form (matrix&m, permutation&p, prng&rng)
+{
+	matrix t, sinv, s;
+
+	p.generate_random (width(), rng);
+	p.permute (*this, t);
+	t.get_left_square (sinv);
+	if (!sinv.compute_inversion (s) ) return false; //meant to be retried.
+
+	s.mult (t);
+	s.strip_left_square (m);
+	return 0;
+}