Decoding of Interleaved Reed-Solomon Codes Using Improved Power Decoding

We propose a new partial decoding algorithm for $m$-interleaved Reed--Solomon (IRS) codes that can decode, with high probability, a random error of relative weight $1-R^{\frac{m}{m+1}}$ at all code rates $R$, in time polynomial in the code length $n$. For $m>2$, this is an asymptotic improvement over the previous state-of-the-art for all rates, and the first improvement for $R>1/3$ in the last $20$ years. The method combines collaborative decoding of IRS codes with power decoding up to the Johnson radius.Comment: 5 pages, accepted at IEEE International Symposium on Information Theory 201

Improved Decoding of Interleaved AG-Codes

We analyze a generalization of a recent algorithm of Bleichenbacher et al.~for decoding interleaved codes on the $Q$-ary symmetric channel for large $Q$. We will show that for any $m$ and any $\epsilon$ the new algorithms can decode up to a fraction of at least $\frac{\beta m}{\beta m+1}(1-R-2Q^{- 1/2m})-\epsilon$ errors (where $\beta = \frac{\ln(q^m - 1)}{\ln(q^m)}$), and that the error probability of the decoder is upper bounded by $O(1/q^{\epsilon n})$, where $n$ is the block-length. The codes we construct do not have a- priori any bound on their length

Approximate common divisors via lattices

We analyze the multivariate generalization of Howgrave-Graham's algorithm for the approximate common divisor problem. In the m-variable case with modulus N and approximate common divisor of size N^beta, this improves the size of the error tolerated from N^(beta^2) to N^(beta^((m+1)/m)), under a commonly used heuristic assumption. This gives a more detailed analysis of the hardness assumption underlying the recent fully homomorphic cryptosystem of van Dijk, Gentry, Halevi, and Vaikuntanathan. While these results do not challenge the suggested parameters, a 2^(n^epsilon) approximation algorithm with epsilon<2/3 for lattice basis reduction in n dimensions could be used to break these parameters. We have implemented our algorithm, and it performs better in practice than the theoretical analysis suggests. Our results fit into a broader context of analogies between cryptanalysis and coding theory. The multivariate approximate common divisor problem is the number-theoretic analogue of multivariate polynomial reconstruction, and we develop a corresponding lattice-based algorithm for the latter problem. In particular, it specializes to a lattice-based list decoding algorithm for Parvaresh-Vardy and Guruswami-Rudra codes, which are multivariate extensions of Reed-Solomon codes. This yields a new proof of the list decoding radii for these codes.Comment: 17 page

Single-shot security for one-time memories in the isolated qubits model

One-time memories (OTM's) are simple, tamper-resistant cryptographic devices, which can be used to implement sophisticated functionalities such as one-time programs. Can one construct OTM's whose security follows from some physical principle? This is not possible in a fully-classical world, or in a fully-quantum world, but there is evidence that OTM's can be built using "isolated qubits" -- qubits that cannot be entangled, but can be accessed using adaptive sequences of single-qubit measurements. Here we present new constructions for OTM's using isolated qubits, which improve on previous work in several respects: they achieve a stronger "single-shot" security guarantee, which is stated in terms of the (smoothed) min-entropy; they are proven secure against adversaries who can perform arbitrary local operations and classical communication (LOCC); and they are efficiently implementable. These results use Wiesner's idea of conjugate coding, combined with error-correcting codes that approach the capacity of the q-ary symmetric channel, and a high-order entropic uncertainty relation, which was originally developed for cryptography in the bounded quantum storage model.Comment: v2: to appear in CRYPTO 2014. 21 pages, 3 figure