458 research outputs found
Group theory in cryptography
This paper is a guide for the pure mathematician who would like to know more
about cryptography based on group theory. The paper gives a brief overview of
the subject, and provides pointers to good textbooks, key research papers and
recent survey papers in the area.Comment: 25 pages References updated, and a few extra references added. Minor
typographical changes. To appear in Proceedings of Groups St Andrews 2009 in
Bath, U
Polynomial-Time Key Recovery Attack on the Faure-Loidreau Scheme based on Gabidulin Codes
Encryption schemes based on the rank metric lead to small public key sizes of
order of few thousands bytes which represents a very attractive feature
compared to Hamming metric-based encryption schemes where public key sizes are
of order of hundreds of thousands bytes even with additional structures like
the cyclicity. The main tool for building public key encryption schemes in rank
metric is the McEliece encryption setting used with the family of Gabidulin
codes. Since the original scheme proposed in 1991 by Gabidulin, Paramonov and
Tretjakov, many systems have been proposed based on different masking
techniques for Gabidulin codes. Nevertheless, over the years all these systems
were attacked essentially by the use of an attack proposed by Overbeck.
In 2005 Faure and Loidreau designed a rank-metric encryption scheme which was
not in the McEliece setting. The scheme is very efficient, with small public
keys of size a few kiloBytes and with security closely related to the
linearized polynomial reconstruction problem which corresponds to the decoding
problem of Gabidulin codes. The structure of the scheme differs considerably
from the classical McEliece setting and until our work, the scheme had never
been attacked. We show in this article that this scheme like other schemes
based on Gabidulin codes, is also vulnerable to a polynomial-time attack that
recovers the private key by applying Overbeck's attack on an appropriate public
code. As an example we break concrete proposed bits security parameters in
a few seconds.Comment: To appear in Designs, Codes and Cryptography Journa
Cryptanalysis of public-key cryptosystems that use subcodes of algebraic geometry codes
We give a polynomial time attack on the McEliece public key cryptosystem
based on subcodes of algebraic geometry (AG) codes. The proposed attack reposes
on the distinguishability of such codes from random codes using the Schur
product. Wieschebrink treated the genus zero case a few years ago but his
approach cannot be extent straightforwardly to other genera. We address this
problem by introducing and using a new notion, which we call the t-closure of a
code
Expanded Gabidulin Codes and Their Application to Cryptography
This paper presents a new family of linear codes, namely the expanded
Gabidulin codes. Exploiting the existing fast decoder of Gabidulin codes, we
propose an efficient algorithm to decode these new codes when the noise vector
satisfies a certain condition. Furthermore, these new codes enjoy an excellent
error-correcting capability because of the optimality of their parent Gabidulin
codes. Based on different masking techniques, we give two encryption schemes by
using expanded Gabidulin codes in the McEliece setting. According to our
analysis, both of these two cryptosystems can resist the existing structural
attacks. Our proposals have an obvious advantage in public-key representation
without using the cyclic or quasi-cyclic structure compared to some other
code-based cryptosystems
- …