Improving the efficiency of the LDPC code-based McEliece cryptosystem through irregular codes
We consider the framework of the McEliece cryptosystem based on LDPC codes,
which is a promising post-quantum alternative to classical public key
cryptosystems. The use of LDPC codes in this context makes it possible to achieve good
security levels with very compact keys, which is an important advantage over
the classical McEliece cryptosystem based on Goppa codes. However, only regular
LDPC codes have been considered up to now, while some further improvement can
be achieved by using irregular LDPC codes, which are known to achieve better
error correction performance than regular LDPC codes. This is shown in this
paper for the first time, to the best of our knowledge. The possible use of irregular
transformation matrices is also investigated, which further increases the
efficiency of the system, especially in regard to the public key size.
Comment: 6 pages, 3 figures, presented at ISCC 201
Optimization of the parity-check matrix density in QC-LDPC code-based McEliece cryptosystems
Low-density parity-check (LDPC) codes are one of the most promising families
of codes to replace the Goppa codes originally used in the McEliece
cryptosystem. In fact, it has been shown that by using quasi-cyclic low-density
parity-check (QC-LDPC) codes in this system, drastic reductions in the public
key size can be achieved, while maintaining fixed security levels. Recently,
some proposals have appeared in the literature using codes with denser
parity-check matrices, named moderate-density parity-check (MDPC) codes.
However, the density of the parity-check matrices to be used in QC-LDPC
code-based variants of the McEliece cryptosystem has never been optimized. This
paper aims at filling such a gap, by proposing a procedure for selecting the
density of the private parity-check matrix, based on the security level and the
decryption complexity. We provide some examples of the system parameters
obtained through the proposed technique.
Comment: 10 pages, 4 figures. To be presented at IEEE ICC 2013 - Workshop on
Information Security over Noisy and Lossy Communication Systems. Copyright
transferred to IEEE
The decoding failure probability of MDPC codes
Moderate Density Parity Check (MDPC) codes are defined here as codes which
have a parity-check matrix whose row weight is where is the
length of the code. They can be decoded like LDPC codes but they decode
many fewer errors than LDPC codes: the number of errors they can decode in this
case is of order . Despite this fact they have been proved
very useful in cryptography for devising key exchange mechanisms. They have
also been proposed in McEliece type cryptosystems. However in this case, the
parameters that have been proposed in \cite{MTSB13} were broken in
\cite{GJS16}. This attack exploits the fact that the decoding failure
probability is non-negligible. We show here that this attack can be thwarted by
choosing the parameters in a more conservative way. We first show that such
codes can decode with a simple bit-flipping decoder any pattern of
errors. This avoids the
previous attack at the cost of significantly increasing the key size of the
scheme. We then show that under a very reasonable assumption the decoding
failure probability decays almost exponentially with the codelength with just
two iterations of bit-flipping. With an additional assumption it has even been
proved that it decays exponentially with an unbounded number of iterations and
we show that in this case the increase of the key size which is required for
resisting the attack of \cite{GJS16} is only moderate.
Analysis of reaction and timing attacks against cryptosystems based on sparse parity-check codes
In this paper we study reaction and timing attacks against cryptosystems
based on sparse parity-check codes, which encompass low-density parity-check
(LDPC) codes and moderate-density parity-check (MDPC) codes. We show that the
feasibility of these attacks is not strictly associated with the quasi-cyclic
(QC) structure of the code but is related to the intrinsically probabilistic
decoding of any sparse parity-check code. So, these attacks not only work
against QC codes, but can be generalized to broader classes of codes. We
provide a novel algorithm that, in the case of a QC code, allows recovering a
larger amount of information than that retrievable through existing attacks and
we use this algorithm to characterize new side-channel information leakages. We
devise a theoretical model for the decoder that describes and justifies our
results. Numerical simulations are provided that confirm the effectiveness of
our approach.
Security and complexity of the McEliece cryptosystem based on QC-LDPC codes
In the context of public key cryptography, the McEliece cryptosystem
represents a very smart solution based on the hardness of the decoding problem,
which is believed to be able to resist the advent of quantum computers. Despite
this, the original McEliece cryptosystem, based on Goppa codes, has encountered
limited interest in practical applications, partly because of some constraints
imposed by this very special class of codes. We have recently introduced a
variant of the McEliece cryptosystem including low-density parity-check codes,
that are state-of-the-art codes, now used in many telecommunication standards
and applications. In this paper, we discuss the possible use of a bit-flipping
decoder in this context, which gives a significant advantage in terms of
complexity. We also provide theoretical arguments and practical tools for
estimating the trade-off between security and complexity, so as to give
a simple procedure for the system design.
Comment: 22 pages, 1 figure. This paper is a preprint of a paper accepted by
IET Information Security and is subject to Institution of Engineering and
Technology Copyright. When the final version is published, the copy of record
will be available at IET Digital Library
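The three abstracts above (the decoding failure probability of MDPC codes, reaction and timing attacks on sparse parity-check codes, and the bit-flipping decoder in the QC-LDPC McEliece variant) all turn on the same fact: bit-flipping decoding is probabilistic, and its failures are observable. The following Python is an added example, not code from any of these papers. The toy QC-MDPC parameters (p = 61, two circulant blocks of row weight 5, the two first-row supports) and the flip rule (flip every bit whose unsatisfied-check count equals the current maximum) are assumptions chosen so the behaviour is visible in seconds of pure Python; they are far too small to be secure and are not the parameters of the cited works.

```python
"""Bit-flipping decoding of a toy QC-MDPC code and Monte-Carlo estimation of
its decoding failure rate (DFR).  Added example with assumed, insecure
parameters; it illustrates why decoding failures are a side channel."""
import random


def circulant_block(p, support):
    """Row supports of the p x p circulant whose first row has 1s at `support`."""
    return [frozenset((j + i) % p for j in support) for i in range(p)]


def build_qc_mdpc(p, h0_support, h1_support):
    """H = [H0 | H1] as a list of r = p row supports over n = 2p columns,
    plus the transposed view (for each column, the checks that cover it).
    Column weight equals the block row weight because the blocks are circulant."""
    h0 = circulant_block(p, h0_support)
    h1 = circulant_block(p, h1_support)
    rows = [h0[i] | frozenset(j + p for j in h1[i]) for i in range(p)]
    cols = [[] for _ in range(2 * p)]
    for i, row in enumerate(rows):
        for j in row:
            cols[j].append(i)
    return rows, cols


def syndrome(rows, x):
    """s_i = parity of the received bits covered by check i."""
    return [sum(x[j] for j in row) & 1 for row in rows]


def bit_flip_decode(rows, cols, received, max_iter=10):
    """Gallager-style bit flipping (simplified flip rule, an assumption of this
    example): each round, flip every position whose number of unsatisfied
    checks equals the current maximum, then update the syndrome incrementally.
    Returns (error_estimate, converged, iterations_used)."""
    n = len(cols)
    e = [0] * n
    s = syndrome(rows, received)
    for it in range(max_iter):
        if not any(s):
            return e, True, it
        upc = [sum(s[i] for i in cols[j]) for j in range(n)]  # unsatisfied checks per bit
        thr = max(upc)  # >= 1 whenever the syndrome is non-zero
        for j in range(n):
            if upc[j] == thr:
                e[j] ^= 1
                for i in cols[j]:  # syndrome is linear: toggle the checks bit j touches
                    s[i] ^= 1
    return e, not any(s), max_iter


def estimate_dfr(rows, cols, t, trials, max_iter, seed=1):
    """Fraction of random weight-t error patterns the decoder fails to recover.
    Because the code is linear the zero codeword stands in for any codeword.
    Non-convergence and convergence to a wrong error vector (a miscorrection,
    which silently yields a wrong plaintext) both count as failures."""
    rng = random.Random(seed)
    n = len(cols)
    failures = 0
    for _ in range(trials):
        e = [0] * n
        for j in rng.sample(range(n), t):
            e[j] = 1
        est, ok, _ = bit_flip_decode(rows, cols, e, max_iter)
        if not ok or est != e:
            failures += 1
    return failures / trials


if __name__ == "__main__":
    # Assumed toy parameters: p = 61, block row weight 5, so n = 122, r = 61,
    # row weight 10, column weight 5.  The supports are not shifts of one another.
    rows, cols = build_qc_mdpc(61, [0, 3, 17, 29, 44], [0, 5, 11, 31, 50])
    print(" t  DFR(2 iterations)  DFR(10 iterations)")
    for t in (1, 2, 4, 6, 8, 10, 15):
        d2 = estimate_dfr(rows, cols, t, 500, max_iter=2)
        d10 = estimate_dfr(rows, cols, t, 500, max_iter=10)
        print(f"{t:2d}  {d2:17.3f}  {d10:18.3f}")
```

Running the module prints the estimated DFR for increasing error weight t with the iteration count capped at 2 and at 10. Two points from the abstracts become concrete: whether decryption fails, and how many rounds it takes, depend jointly on the error pattern and on the secret sparse matrix, so a reaction oracle (observing failures) or a timing oracle (observing iteration counts) leaks key-dependent information regardless of whether the code is quasi-cyclic; and capping the iteration count, which is what a constant-time decoder needs, raises the DFR for a given t, which is the trade-off against code length and key size discussed above.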
Green Bitcoin: Global Sound Money
Modern societies have adopted government-issued fiat currencies many of which
exist today mainly in the form of digits in credit and bank accounts. Fiat
currencies are controlled by central banks for economic stimulation and
stabilization. Boom-and-bust cycles are created. The volatility of the cycle
has become increasingly extreme. Social inequality due to the concentration of
wealth is prevalent worldwide. As such, restoring sound money, which provides
stored value over time, has become a pressing issue. Currently,
cryptocurrencies such as Bitcoin are in their infancy and may someday qualify
as sound money. Bitcoin today is considered as a digital asset for storing
value. But Bitcoin has problems. The first issue of the current Bitcoin network
is its high energy consumption consensus mechanism. The second is the
cryptographic primitives which are unsafe against post-quantum (PQ) attacks. We
aim to propose Green Bitcoin which addresses both issues. To save energy in
consensus mechanism, we introduce a post-quantum secure (self-election)
verifiable coin-toss function and novel PQ secure proof-of-computation
primitives. It is expected to reduce the rate of energy consumption by more than
90 percent compared with the current Bitcoin network. The elliptic curve cryptography will
be replaced with PQ-safe versions. The Green Bitcoin protocol will help Bitcoin
evolve into a post-quantum secure network.
Comment: 16 pages