1,049 research outputs found
A Distinguisher-Based Attack on a Variant of McEliece's Cryptosystem Based on Reed-Solomon Codes
Baldi et \textit{al.} proposed a variant of McEliece's cryptosystem. The main
idea is to replace its permutation matrix by adding to it a rank 1 matrix. The
motivation for this change is twofold: it would allow the use of codes that
were shown to be insecure in the original McEliece's cryptosystem, and it would
reduce the key size while keeping the same security against generic decoding
attacks. The authors suggest to use generalized Reed-Solomon codes instead of
Goppa codes. The public code built with this method is not anymore a
generalized Reed-Solomon code. On the other hand, it contains a very large
secret generalized Reed-Solomon code. In this paper we present an attack that
is built upon a distinguisher which is able to identify elements of this secret
code. The distinguisher is constructed by considering the code generated by
component-wise products of codewords of the public code (the so-called "square
code"). By using square-code dimension considerations, the initial generalized
Reed-Solomon code can be recovered which permits to decode any ciphertext. A
similar technique has already been successful for mounting an attack against a
homomorphic encryption scheme suggested by Bogdanoc et \textit{al.}. This work
can be viewed as another illustration of how a distinguisher of Reed-Solomon
codes can be used to devise an attack on cryptosystems based on them.Comment: arXiv admin note: substantial text overlap with arXiv:1203.668
LEDAkem: a post-quantum key encapsulation mechanism based on QC-LDPC codes
This work presents a new code-based key encapsulation mechanism (KEM) called
LEDAkem. It is built on the Niederreiter cryptosystem and relies on
quasi-cyclic low-density parity-check codes as secret codes, providing high
decoding speeds and compact keypairs. LEDAkem uses ephemeral keys to foil known
statistical attacks, and takes advantage of a new decoding algorithm that
provides faster decoding than the classical bit-flipping decoder commonly
adopted in this kind of systems. The main attacks against LEDAkem are
investigated, taking into account quantum speedups. Some instances of LEDAkem
are designed to achieve different security levels against classical and quantum
computers. Some performance figures obtained through an efficient C99
implementation of LEDAkem are provided.Comment: 21 pages, 3 table
Using LDGM Codes and Sparse Syndromes to Achieve Digital Signatures
In this paper, we address the problem of achieving efficient code-based
digital signatures with small public keys. The solution we propose exploits
sparse syndromes and randomly designed low-density generator matrix codes.
Based on our evaluations, the proposed scheme is able to outperform existing
solutions, permitting to achieve considerable security levels with very small
public keys.Comment: 16 pages. The final publication is available at springerlink.co
A Non-commutative Cryptosystem Based on Quaternion Algebras
We propose BQTRU, a non-commutative NTRU-like cryptosystem over quaternion
algebras. This cryptosystem uses bivariate polynomials as the underling ring.
The multiplication operation in our cryptosystem can be performed with high
speed using quaternions algebras over finite rings. As a consequence, the key
generation and encryption process of our cryptosystem is faster than NTRU in
comparable parameters. Typically using Strassen's method, the key generation
and encryption process is approximately times faster than NTRU for an
equivalent parameter set. Moreover, the BQTRU lattice has a hybrid structure
that makes inefficient standard lattice attacks on the private key. This
entails a higher computational complexity for attackers providing the
opportunity of having smaller key sizes. Consequently, in this sense, BQTRU is
more resistant than NTRU against known attacks at an equivalent parameter set.
Moreover, message protection is feasible through larger polynomials and this
allows us to obtain the same security level as other NTRU-like cryptosystems
but using lower dimensions.Comment: Submitted for possible publicatio
- …