On improving security of GPT cryptosystems

The public key cryptosystem based on rank error correcting codes (the GPT cryptosystem) was proposed in 1991. Use of rank codes in cryptographic applications is advantageous since it is practically impossible to utilize combinatoric decoding. This enabled using public keys of a smaller size. Several attacks against this system were published, including Gibson's attacks and more recently Overbeck's attacks. A few modifications were proposed withstanding Gibson's attack but at least one of them was broken by the stronger attacks by Overbeck. A tool to prevent Overbeck's attack is presented in [12]. In this paper, we apply this approach to other variants of the GPT cryptosystem.Comment: 5 pages. submitted ISIT 2009.Processed on IEEE ISIT201

A Smart Approach for GPT Cryptosystem Based on Rank Codes

The concept of Public- key cryptosystem was innovated by McEliece's cryptosystem. The public key cryptosystem based on rank codes was presented in 1991 by Gabidulin -Paramonov-Trejtakov(GPT). The use of rank codes in cryptographic applications is advantageous since it is practically impossible to utilize combinatoric decoding. This has enabled using public keys of a smaller size. Respective structural attacks against this system were proposed by Gibson and recently by Overbeck. Overbeck's attacks break many versions of the GPT cryptosystem and are turned out to be either polynomial or exponential depending on parameters of the cryptosystem. In this paper, we introduce a new approach, called the Smart approach, which is based on a proper choice of the distortion matrix X. The Smart approach allows for withstanding all known attacks even if the column scrambler matrix P over the base field Fq.Comment: 5 pages. to appear in Proceedings of IEEE ISIT201

Polynomial-Time Key Recovery Attack on the Faure-Loidreau Scheme based on Gabidulin Codes

Encryption schemes based on the rank metric lead to small public key sizes of order of few thousands bytes which represents a very attractive feature compared to Hamming metric-based encryption schemes where public key sizes are of order of hundreds of thousands bytes even with additional structures like the cyclicity. The main tool for building public key encryption schemes in rank metric is the McEliece encryption setting used with the family of Gabidulin codes. Since the original scheme proposed in 1991 by Gabidulin, Paramonov and Tretjakov, many systems have been proposed based on different masking techniques for Gabidulin codes. Nevertheless, over the years all these systems were attacked essentially by the use of an attack proposed by Overbeck. In 2005 Faure and Loidreau designed a rank-metric encryption scheme which was not in the McEliece setting. The scheme is very efficient, with small public keys of size a few kiloBytes and with security closely related to the linearized polynomial reconstruction problem which corresponds to the decoding problem of Gabidulin codes. The structure of the scheme differs considerably from the classical McEliece setting and until our work, the scheme had never been attacked. We show in this article that this scheme like other schemes based on Gabidulin codes, is also vulnerable to a polynomial-time attack that recovers the private key by applying Overbeck's attack on an appropriate public code. As an example we break concrete proposed $80$ bits security parameters in a few seconds.Comment: To appear in Designs, Codes and Cryptography Journa

An extension of Overbeck's attack with an application to cryptanalysis of Twisted Gabidulin-based schemes

In the present article, we discuss the decoding of Gabidulin and related codes from a cryptographic perspective and we observe that these codes can be decoded with the single knowledge of a generator matrix. Then, we extend and revisit Gibson's and Overbeck's attacks on the generalised GPT encryption scheme (instantiated with Gabidulin codes) for various ranks of the distortion matrix and apply our attack to the case of an instantiation with twisted Gabidulin codes

An IND-CCA Rank Metric Encryption Scheme Implementation

TCC(graduação) - Universidade Federal de Santa Catarina. Centro Tecnológico. Ciências da Computação.The advances in the field of quantum computation impose a severe threat to the cryptographic primitives used nowadays. In particular, the community predicts public-key cryptography will be turned completely obsolete if these computers are ever produced. In the light of these facts, researchers are contributing in a great effort to preserve current information systems against quantum attacks. Post-quantum cryptography is the area of research that aims to develop cryptographic systems to resist against both quantum and classical computers while assuring interoperability with existing networks and protocols. This work considers the use of Gabidulin codes—a class of error-correcting codes using rank metric—in the construction of encryption schemes. We first introduce error-correcting codes in general and Gabidulin codes in particular. Then, we present the use of these codes in the context of public-key encryption schemes and show that, while providing the possibility of smaller key sizes, they are especially challenging in terms of security. We present the scheme proposed in Loidreau in 2017, showing that although correcting the main weakness in previous propositions, it is still insecure related to chosen-ciphertext attacks. Then, we present a modification to the scheme, proposed by Shehhi et al. to achieve CCA security, and provide an implementation. We also analyze the theoretical complexity of recent attacks to rank-based cryptography and propose a set of parameters for the scheme

A Public-Key Cryptosystem Using Cyclotomic Matrices

Confidentiality and Integrity are two paramount objectives in the evaluation of information and communication technology. In this paper, we propose an arithmetic approach for designing asymmetric key cryptography. Our method is based on the formulation of cyclotomic matrices correspond to the diophantine system. The proposed cyclotomic asymmetric cryptosystem (CAC) utilizes the cyclotomic matrices, whose entries are cyclotomic numbers of order $2l^{2}$, $l$ be prime over a finite field $\mathbb{F}_{p}$ of $p$ elements. The method utilize cyclotomic matrices to design a one-way function. The outcome of a one-way function that is efficient to compute however difficult to compute its inverse unless if secret data about the trapdoor is known. We demonstrate that the encryption and decryption can be efficiently performed with asymptotic complexity of $\mathcal{O}(e^{2.373})$. Besides, we study the computational complexity of the CAC