Product Construction of Affine Codes
Binary matrix codes with restricted row and column weights are a desirable
method of coded modulation for power line communication. In this work, we
construct such matrix codes that are obtained as products of affine codes -
cosets of binary linear codes. Additionally, the constructions have the
property that they are systematic. Subsequently, we generalize our construction
to irregular product of affine codes, where the component codes are affine
codes of different rates.
Comment: 13 pages, to appear in SIAM Journal on Discrete Mathematic
Bounds on List Decoding of Rank-Metric Codes
So far, there is no polynomial-time list decoding algorithm (beyond half the
minimum distance) for Gabidulin codes. These codes can be seen as the
rank-metric equivalent of Reed-Solomon codes. In this paper, we provide bounds
on the list size of rank-metric codes in order to understand whether
polynomial-time list decoding is possible or whether it works only with
exponential time complexity. Three bounds on the list size are proven. The
first one is a lower exponential bound for Gabidulin codes and shows that for
these codes no polynomial-time list decoding beyond the Johnson radius exists.
Second, an exponential upper bound is derived, which holds for any rank-metric
code of length and minimum rank distance . The third bound proves that
there exists a rank-metric code over $\mathbb{F}_{q^m}$ of length such that the
list size is exponential in the length for any radius greater than half the
minimum rank distance. This implies that there cannot exist a polynomial upper
bound depending only on and similar to the Johnson bound in Hamming
metric. All three rank-metric bounds reveal significant differences to bounds
for codes in Hamming metric.
Comment: 10 pages, 2 figures, submitted to IEEE Transactions on Information
Theory, short version presented at ISIT 201
List and Unique Error-Erasure Decoding of Interleaved Gabidulin Codes with Interpolation Techniques
A new interpolation-based decoding principle for interleaved Gabidulin codes
is presented. The approach consists of two steps: First, a multi-variate
linearized polynomial is constructed which interpolates the coefficients of the
received word and second, the roots of this polynomial have to be found. Due to
the specific structure of the interpolation polynomial, both steps
(interpolation and root-finding) can be accomplished by solving a linear system
of equations. This decoding principle can be applied as a list decoding
algorithm (where the list size is not necessarily bounded polynomially) as well
as an efficient probabilistic unique decoding algorithm. For the unique
decoder, we show a connection to known unique decoding approaches and give an
upper bound on the failure probability. Finally, we generalize our approach to
incorporate not only errors, but also row and column erasures.
Comment: accepted for Designs, Codes and Cryptography; presented in part at
WCC 2013, Bergen, Norwa
Convolutional Codes in Rank Metric with Application to Random Network Coding
Random network coding has recently attracted attention as a technique to
disseminate information in a network. This paper considers a non-coherent
multi-shot network, where the unknown and time-variant network is used several
times. In order to create dependencies between the different shots, particular
convolutional codes in rank metric are used. These codes are so-called
(partial) unit memory ((P)UM) codes, i.e., convolutional codes with memory one.
First, distance measures for convolutional codes in rank metric are shown and
two constructions of (P)UM codes in rank metric based on the generator matrices
of maximum rank distance codes are presented. Second, an efficient
error-erasure decoding algorithm for these codes is presented. Its guaranteed
decoding radius is derived and its complexity is bounded. Finally, it is shown
how to apply these codes for error correction in random linear and affine
network coding.
Comment: presented in part at Netcod 2012, submitted to IEEE Transactions on
Information Theor
LIGA: A Cryptosystem Based on the Hardness of Rank-Metric List and Interleaved Decoding
We propose the new rank-metric code-based cryptosystem LIGA which is based on
the hardness of list decoding and interleaved decoding of Gabidulin codes. LIGA
is an improved variant of the Faure-Loidreau (FL) system, which was broken in a
structural attack by Gaborit, Otmani, and Talé Kalachi (GOT, 2018). We keep
the FL encryption and decryption algorithms, but modify the insecure key
generation algorithm. Our crucial observation is that the GOT attack is
equivalent to decoding an interleaved Gabidulin code. The new key generation
algorithm constructs public keys for which all polynomial-time interleaved
decoders fail---hence LIGA resists the GOT attack. We also prove that the
public-key encryption version of LIGA is IND-CPA secure in the standard model
and the KEM version is IND-CCA2 secure in the random oracle model, both under
hardness assumptions of formally defined problems related to list decoding and
interleaved decoding of Gabidulin codes. We propose and analyze various
exponential-time attacks on these problems, calculate their work factors, and
compare the resulting parameters to NIST proposals. The strengths of LIGA are
short ciphertext sizes and (relatively) small key sizes. Further, LIGA
guarantees correct decryption and has no decryption failure rate. It is not
based on hiding the structure of a code. Since there are efficient and
constant-time algorithms for encoding and decoding Gabidulin codes, timing
attacks on the encryption and decryption algorithms can be easily prevented.
Comment: Extended version of arXiv:1801.0368