Transitive and self-dual codes attaining the Tsfasman-Vladut-Zink bound

A major problem in coding theory is the question of whether the class of cyclic codes is asymptotically good. In this correspondence-as a generalization of cyclic codes-the notion of transitive codes is introduced (see Definition 1.4 in Section I), and it is shown that the class of transitive codes is asymptotically good. Even more, transitive codes attain the Tsfasman-Vladut-Zink bound over F-q, for all squares q = l(2). It is also shown that self-orthogonal and self-dual codes attain the Tsfasman-Vladut-Zink bound, thus improving previous results about self-dual codes attaining the Gilbert-Varshamov bound. The main tool is a new asymptotically optimal tower E-0 subset of E-1 subset of E-2 subset of center dot center dot center dot of function fields over F-q (with q = l(2)), where all extensions E-n/E-0 are Galois

Decoding square-free Goppa codes over \F_p

We propose a new, efficient decoding algorithm for square-free (irreducible or otherwise) Goppa codes over \F_p for any prime $p$. If the code in question has degree $t$ and its average code distance is at least $(4/p)t + 1$, the proposed decoder can uniquely correct up to $(2/p)t$ errors with high probability. The correction capability is higher if the distribution of error magnitudes is not uniform, approaching or reaching $t$ errors when any particular error value occurs much more often than others or exclusively. This makes the method interesting for (semantically secure) cryptosystems based on the decoding problem for permuted and punctured Goppa codes

Monoidic Codes in Cryptography

International audienceAt SAC 2009, Misoczki and Barreto proposed a new class of codes, which have parity-check matrices that are quasi-dyadic. A special subclass of these codes were shown to coincide with Goppa codes and those were recommended for cryptosystems based on error-correcting codes. Quasi-dyadic codes have both very compact representations and allow for efficient processing, resulting in fast cryptosystems with small key sizes. In this paper, we generalize these results and introduce quasi-monoidic codes, which retain all desirable properties of quasi-dyadic codes. We show that, as before, a subclass of our codes contains only Goppa codes or, for a slightly bigger subclass, only Generalized Srivastava codes. Unlike before, we also capture codes over fields of odd characteristic. These include wild Goppa codes that were proposed at SAC 2010 by Bernstein, Lange, and Peters for their exceptional error-correction capabilities. We show how to instantiate standard code-based encryption and signature schemes with our codes and give some preliminary parameters

Some Applications of Coding Theory in Cryptography

viii+80hlm.;24c

Curves, codes, and cryptography

This thesis deals with two topics: elliptic-curve cryptography and code-based cryptography. In 2007 elliptic-curve cryptography received a boost from the introduction of a new way of representing elliptic curves. Edwards, generalizing an example from Euler and Gauss, presented an addition law for the curves x2 + y2 = c2(1 + x2y2) over non-binary fields. Edwards showed that every elliptic curve can be expressed in this form as long as the underlying field is algebraically closed. Bernstein and Lange found fast explicit formulas for addition and doubling in coordinates (X : Y : Z) representing (x, y) = (X/Z, Y/Z) on these curves, and showed that these explicit formulas save time in elliptic-curve cryptography. It is easy to see that all of these curves are isomorphic to curves x2 + y2 = 1 + dx2y2 which now are called "Edwards curves" and whose shape covers considerably more elliptic curves over a finite field than x2 + y2 = c2(1 + x2y2). In this thesis the Edwards addition law is generalized to cover all curves ax2 +y2 = 1+dx2y2 which now are called "twisted Edwards curves." The fast explicit formulas for addition and doubling presented here are almost as fast in the general case as they are for the special case a = 1. This generalization brings the speed of the Edwards addition law to every Montgomery curve. Tripling formulas for Edwards curves can be used for double-base scalar multiplication where a multiple of a point is computed using a series of additions, doublings, and triplings. The use of double-base chains for elliptic-curve scalar multiplication for elliptic curves in various shapes is investigated in this thesis. It turns out that not only are Edwards curves among the fastest curve shapes, but also that the speed of doublings on Edwards curves renders double bases obsolete for this curve shape. Elliptic curves in Edwards form and twisted Edwards form can be used to speed up the Elliptic-Curve Method for integer factorization (ECM). We show how to construct elliptic curves in Edwards form and twisted Edwards form with large torsion groups which are used by the EECM-MPFQ implementation of ECM. Code-based cryptography was invented by McEliece in 1978. The McEliece public-key cryptosystem uses as public key a hidden Goppa code over a finite field. Encryption in McEliece’s system is remarkably fast (a matrix-vector multiplication). This system is rarely used in implementations. The main complaint is that the public key is too large. The McEliece cryptosystem recently regained attention with the advent of post-quantum cryptography, a new field in cryptography which deals with public-key systems without (known) vulnerabilities to attacks by quantum computers. The McEliece cryptosystem is one of them. In this thesis we underline the strength of the McEliece cryptosystem by improving attacks against it and by coming up with smaller-key variants. McEliece proposed to use binary Goppa codes. For these codes the most effective attacks rely on information-set decoding. In this thesis we present an attack developed together with Daniel J. Bernstein and Tanja Lange which uses and improves Stern’s idea of collision decoding. This attack is faster by a factor of more than 150 than previous attacks, bringing it within reach of a moderate computer cluster. We were able to extract a plaintext from a ciphertext by decoding 50 errors in a [1024, 524] binary code. The attack should not be interpreted as destroying the McEliece cryptosystem. However, the attack demonstrates that the original parameters were chosen too small. Building on this work the collision-decoding algorithm is generalized in two directions. First, we generalize the improved collision-decoding algorithm for codes over arbitrary fields and give a precise analysis of the running time. We use the analysis to propose parameters for the McEliece cryptosystem with Goppa codes over fields such as F31. Second, collision decoding is generalized to ball-collision decoding in the case of binary linear codes. Ball-collision decoding is asymptotically faster than any previous attack against the McEliece cryptosystem. Another way to strengthen the system is to use codes with a larger error-correction capability. This thesis presents "wild Goppa codes" which contain the classical binary Goppa codes as a special case. We explain how to encrypt and decrypt messages in the McEliece cryptosystem when using wild Goppa codes. The size of the public key can be reduced by using wild Goppa codes over moderate fields which is explained by evaluating the security of the "Wild McEliece" cryptosystem against our generalized collision attack for codes over finite fields. Code-based cryptography not only deals with public-key cryptography: a code-based hash function "FSB"was submitted to NIST’s SHA-3 competition, a competition to establish a new standard for cryptographic hashing. Wagner’s generalized birthday attack is a generic attack which can be used to find collisions in the compression function of FSB. However, applying Wagner’s algorithm is a challenge in storage-restricted environments. The FSBday project showed how to successfully mount the generalized birthday attack on 8 nodes of the Coding and Cryptography Computer Cluster (CCCC) at Technische Universiteit Eindhoven to find collisions in the toy version FSB48 which is contained in the submission to NIST

Sums of residues on algebraic surfaces and application to coding theory

In this paper, we study residues of differential 2-forms on a smooth algebraic surface over an arbitrary field and give several statements about sums of residues. Afterwards, using these results we construct algebraic-geometric codes which are an extension to surfaces of the well-known differential codes on curves. We also study some properties of these codes and extend to them some known properties for codes on curves.Comment: 31 page

Algebraic Codes For Error Correction In Digital Communication Systems

Access to the full-text thesis is no longer available at the author's request, due to 3rd party copyright restrictions. Access removed on 29.11.2016 by CS (TIS).Metadata merged with duplicate record (http://hdl.handle.net/10026.1/899) on 20.12.2016 by CS (TIS).C. Shannon presented theoretical conditions under which communication was possible error-free in the presence of noise. Subsequently the notion of using error correcting codes to mitigate the effects of noise in digital transmission was introduced by R. Hamming. Algebraic codes, codes described using powerful tools from algebra took to the fore early on in the search for good error correcting codes. Many classes of algebraic codes now exist and are known to have the best properties of any known classes of codes. An error correcting code can be described by three of its most important properties length, dimension and minimum distance. Given codes with the same length and dimension, one with the largest minimum distance will provide better error correction. As a result the research focuses on finding improved codes with better minimum distances than any known codes. Algebraic geometry codes are obtained from curves. They are a culmination of years of research into algebraic codes and generalise most known algebraic codes. Additionally they have exceptional distance properties as their lengths become arbitrarily large. Algebraic geometry codes are studied in great detail with special attention given to their construction and decoding. The practical performance of these codes is evaluated and compared with previously known codes in different communication channels. Furthermore many new codes that have better minimum distance to the best known codes with the same length and dimension are presented from a generalised construction of algebraic geometry codes. Goppa codes are also an important class of algebraic codes. A construction of binary extended Goppa codes is generalised to codes with nonbinary alphabets and as a result many new codes are found. This construction is shown as an efficient way to extend another well known class of algebraic codes, BCH codes. A generic method of shortening codes whilst increasing the minimum distance is generalised. An analysis of this method reveals a close relationship with methods of extending codes. Some new codes from Goppa codes are found by exploiting this relationship. Finally an extension method for BCH codes is presented and this method is shown be as good as a well known method of extension in certain cases