Section: New Results

Code-based cryptography

Participants : Rodolfo Canto Torres, Julia Chaulet, Adrien Hauteville, Irene Márquez Corbella, Aurélie Phesso, Nicolas Sendrier, Jean-Pierre Tillich.

The first cryptosystem based on error-correcting codes was a public-key encryption scheme proposed by McEliece in 1978; a dual variant was proposed in 1986 by Niederreiter. We proposed the first (and only) digital signature scheme in 2001. Those systems enjoy very interesting features (fast encryption/decryption, short signature, good security reduction) but also have their drawbacks (large public key, encryption overhead, expensive signature generation). Some of the main issues in this field are

  • security analysis, implementation and practicality of existing solutions,

  • reducing the key size, e.g., by using rank metric instead of Hamming metric, or by using particular families of codes,

  • addressing new functionalities, like hashing or symmetric encryption.

Recent results:

  • Structural attacks against some variants of the McEliece cryptosystem based on subclasses of alternant/Goppa codes which admit a very compact public matrix, typically quasi-cyclic, quasi-dyadic, or quasi-monoidic matrices [20]. This result is obtained thanks to a new operation on codes called folding that exploits the knowledge of the automorphism group of the code [19].

  • Cryptanalysis of a variant of the McEliece cryptosystem based on polar codes [40], [59].

  • Cryptanalysis of a code-based encryption scheme proposed by Baldi et al. in the Journal of Cryptology [48].

  • Cryptanalysis of a code-based signature scheme proposed at PQCrypto 2013 by Baldi et al. [57].

  • Improved algorithm for decoding in the rank metric when some additional information about the targeted codeword is provided [51]; this algorithm, used together with a folding technique, leads to a feasible attack on the LRPC cryptosystem.

  • Design of a new code-based stream cipher, named RankSynd, a variant of Synd for the rank metric [50].

  • In-depth analysis of the complexity of generic decoding algorithms for linear codes [37]. Most notably, R. Canto Torres and N. Sendrier have investigated the information-set decoding algorithms applied to the case where the number of errors is sub-linear in the code length [46]. This situation arises in the analysis of the McEliece cryptosystem based on quasi-cyclic Moderate Density Parity-Check (MDPC) codes.
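As an added illustration of the generic decoding problem whose complexity is analysed above (this is example code written for this page, not code from the project or the cited papers), the following implements the simplest information-set decoding algorithm, due to Prange, on a constructed toy McEliece-style instance, together with the expected number of information sets one has to try; all function names are my own.

```python
import math
import random

def gf2_solve(M, y):
    """Solve x*M = y over GF(2) for a square k x k matrix M (rows as 0/1 lists).
    Returns x, or None when M is singular. One augmented row per column c of M."""
    k = len(M)
    aug = [[M[r][c] for r in range(k)] + [y[c]] for c in range(k)]
    for col in range(k):
        piv = next((r for r in range(col, k) if aug[r][col]), None)
        if piv is None:
            return None
        aug[col], aug[piv] = aug[piv], aug[col]
        for r in range(k):
            if r != col and aug[r][col]:
                aug[r] = [a ^ b for a, b in zip(aug[r], aug[col])]
    return [row[k] for row in aug]

def encode(m, G):
    """Codeword m*G over GF(2)."""
    return [sum(mi & row[j] for mi, row in zip(m, G)) & 1 for j in range(len(G[0]))]

def prange_isd(G, y, t, seed=0, max_iter=10000):
    """Plain (Prange) information-set decoding: pick k random positions, hope they
    are error-free, invert G on them, and check the residual weight against t."""
    rng = random.Random(seed)
    k, n = len(G), len(G[0])
    for _ in range(max_iter):
        info = rng.sample(range(n), k)          # candidate information set
        m = gf2_solve([[row[j] for j in info] for row in G], [y[j] for j in info])
        if m is None:                            # columns not independent, retry
            continue
        if sum(a ^ b for a, b in zip(y, encode(m, G))) <= t:
            return m
    return None

def prange_work_factor(n, k, t):
    """Expected number of information sets to try: 1 / Pr[info set is error-free]."""
    return math.comb(n, k) / math.comb(n - t, k)

def random_instance(n, k, t, seed):
    """Constructed instance: random systematic [n,k] code, random message m and
    random error e of weight t. Returns (G, m, e, y = m*G + e)."""
    rng = random.Random(seed)
    G = [[int(i == j) if j < k else rng.randrange(2) for j in range(n)] for i in range(k)]
    m = [rng.randrange(2) for _ in range(k)]
    err = set(rng.sample(range(n), t))
    e = [int(j in err) for j in range(n)]
    return G, m, e, [a ^ b for a, b in zip(encode(m, G), e)]
```

For a toy [24,12] code with t = 2 the work factor is only about 4.2 information sets; the point of the analyses cited above is how this quantity (and its improved variants) scales with n, k and t for real parameters.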