Error-Correction Coding and Decoding: Bounds, Codes, Decoders, Analysis and Applications

Coding; Communications; Engineering; Networks; Information Theory; Algorithm

Cryptanalysis of McEliece Cryptosystem Based on Algebraic Geometry Codes and their subcodes

We give polynomial time attacks on the McEliece public key cryptosystem based either on algebraic geometry (AG) codes or on small codimensional subcodes of AG codes. These attacks consist in the blind reconstruction either of an Error Correcting Pair (ECP), or an Error Correcting Array (ECA) from the single data of an arbitrary generator matrix of a code. An ECP provides a decoding algorithm that corrects up to $\frac{d^*-1-g}{2}$ errors, where $d^*$ denotes the designed distance and $g$ denotes the genus of the corresponding curve, while with an ECA the decoding algorithm corrects up to $\frac{d^*-1}{2}$ errors. Roughly speaking, for a public code of length $n$ over $\mathbb F_q$, these attacks run in $O(n^4\log (n))$ operations in $\mathbb F_q$ for the reconstruction of an ECP and $O(n^5)$ operations for the reconstruction of an ECA. A probabilistic shortcut allows to reduce the complexities respectively to $O(n^{3+\varepsilon} \log (n))$ and $O(n^{4+\varepsilon})$. Compared to the previous known attack due to Faure and Minder, our attack is efficient on codes from curves of arbitrary genus. Furthermore, we investigate how far these methods apply to subcodes of AG codes.Comment: A part of the material of this article has been published at the conferences ISIT 2014 with title "A polynomial time attack against AG code based PKC" and 4ICMCTA with title "Crypt. of PKC that use subcodes of AG codes". This long version includes detailed proofs and new results: the proceedings articles only considered the reconstruction of ECP while we discuss here the reconstruction of EC

Decoding and constructions of codes in rank and Hamming metric

As coding theory plays an important role in data transmission, decoding algorithms for new families of error correction codes are of great interest. This dissertation is dedicated to the decoding algorithms for new families of maximum rank distance (MRD) codes including additive generalized twisted Gabidulin (AGTG) codes and Trombetti-Zhou (TZ) codes, decoding algorithm for Gabidulin codes beyond half the minimum distance and also encoding and decoding algorithms for some new optimal rank metric codes with restrictions. We propose an interpolation-based decoding algorithm to decode AGTG codes where the decoding problem is reduced to the problem of solving a projective polynomial equation of the form q(x) = xqu+1 +bx+a = 0 for a,b ∈ Fqm. We investigate the zeros of q(x) when gcd(u,m)=1 and proposed a deterministic algorithm to solve a linearized polynomial equation which has a close connection to the zeros of q(x). An efficient polynomial-time decoding algorithm is proposed for TZ codes. The interpolation-based decoding approach transforms the decoding problem of TZ codes to the problem of solving a quadratic polynomial equation. Two new communication models are defined and using our models we manage to decode Gabidulin codes beyond half the minimum distance by one unit. Our models also allow us to improve the complexity for decoding GTG and AGTG codes. Besides working on MRD codes, we also work on restricted optimal rank metric codes including symmetric, alternating and Hermitian rank metric codes. Both encoding and decoding algorithms for these optimal families are proposed. In all the decoding algorithms presented in this thesis, the properties of Dickson matrix and the BM algorithm play crucial roles. We also touch two problems in Hamming metric. For the first problem, some cryptographic properties of Welch permutation polynomial are investigated and we use these properties to determine the weight distribution of a binary linear codes with few weights. For the second one, we introduce two new subfamilies for maximum weight spectrum codes with respect to their weight distribution and then we investigate their properties.Doktorgradsavhandlin

Design of tch-type sequences for communications

This thesis deals with the design of a class of cyclic codes inspired by TCH codewords. Since TCH codes are linked to finite fields the fundamental concepts and facts about abstract algebra, namely group theory and number theory, constitute the first part of the thesis. By exploring group geometric properties and identifying an equivalence between some operations on codes and the symmetries of the dihedral group we were able to simplify the generation of codewords thus saving on the necessary number of computations. Moreover, we also presented an algebraic method to obtain binary generalized TCH codewords of length N = 2k, k = 1,2, . . . , 16. By exploring Zech logarithm’s properties as well as a group theoretic isomorphism we developed a method that is both faster and less complex than what was proposed before. In addition, it is valid for all relevant cases relating the codeword length N and not only those resulting from N = p

A STUDY OF LINEAR ERROR CORRECTING CODES

Since Shannon's ground-breaking work in 1948, there have been two main development streams of channel coding in approaching the limit of communication channels, namely classical coding theory which aims at designing codes with large minimum Hamming distance and probabilistic coding which places the emphasis on low complexity probabilistic decoding using long codes built from simple constituent codes. This work presents some further investigations in these two channel coding development streams. Low-density parity-check (LDPC) codes form a class of capacity-approaching codes with sparse parity-check matrix and low-complexity decoder Two novel methods of constructing algebraic binary LDPC codes are presented. These methods are based on the theory of cyclotomic cosets, idempotents and Mattson-Solomon polynomials, and are complementary to each other. The two methods generate in addition to some new cyclic iteratively decodable codes, the well-known Euclidean and projective geometry codes. Their extension to non binary fields is shown to be straightforward. These algebraic cyclic LDPC codes, for short block lengths, converge considerably well under iterative decoding. It is also shown that for some of these codes, maximum likelihood performance may be achieved by a modified belief propagation decoder which uses a different subset of 7^ codewords of the dual code for each iteration. Following a property of the revolving-door combination generator, multi-threaded minimum Hamming distance computation algorithms are developed. Using these algorithms, the previously unknown, minimum Hamming distance of the quadratic residue code for prime 199 has been evaluated. In addition, the highest minimum Hamming distance attainable by all binary cyclic codes of odd lengths from 129 to 189 has been determined, and as many as 901 new binary linear codes which have higher minimum Hamming distance than the previously considered best known linear code have been found. It is shown that by exploiting the structure of circulant matrices, the number of codewords required, to compute the minimum Hamming distance and the number of codewords of a given Hamming weight of binary double-circulant codes based on primes, may be reduced. A means of independently verifying the exhaustively computed number of codewords of a given Hamming weight of these double-circulant codes is developed and in coiyunction with this, it is proved that some published results are incorrect and the correct weight spectra are presented. Moreover, it is shown that it is possible to estimate the minimum Hamming distance of this family of prime-based double-circulant codes. It is shown that linear codes may be efficiently decoded using the incremental correlation Dorsch algorithm. By extending this algorithm, a list decoder is derived and a novel, CRC-less error detection mechanism that offers much better throughput and performance than the conventional ORG scheme is described. Using the same method it is shown that the performance of conventional CRC scheme may be considerably enhanced. Error detection is an integral part of an incremental redundancy communications system and it is shown that sequences of good error correction codes, suitable for use in incremental redundancy communications systems may be obtained using the Constructions X and XX. Examples are given and their performances presented in comparison to conventional CRC schemes