Some Notes on Code-Based Cryptography

This thesis presents new cryptanalytic results in several areas of coding-based cryptography. In addition, we also investigate the possibility of using convolutional codes in code-based public-key cryptography. The first algorithm that we present is an information-set decoding algorithm, aiming towards the problem of decoding random linear codes. We apply the generalized birthday technique to information-set decoding, improving the computational complexity over previous approaches. Next, we present a new version of the McEliece public-key cryptosystem based on convolutional codes. The original construction uses Goppa codes, which is an algebraic code family admitting a well-defined code structure. In the two constructions proposed, large parts of randomly generated parity checks are used. By increasing the entropy of the generator matrix, this presumably makes structured attacks more difficult. Following this, we analyze a McEliece variant based on quasi-cylic MDPC codes. We show that when the underlying code construction has an even dimension, the system is susceptible to, what we call, a squaring attack. Our results show that the new squaring attack allows for great complexity improvements over previous attacks on this particular McEliece construction. Then, we introduce two new techniques for finding low-weight polynomial multiples. Firstly, we propose a general technique based on a reduction to the minimum-distance problem in coding, which increases the multiplicity of the low-weight codeword by extending the code. We use this algorithm to break some of the instances used by the TCHo cryptosystem. Secondly, we propose an algorithm for finding weight-4 polynomials. By using the generalized birthday technique in conjunction with increasing the multiplicity of the low-weight polynomial multiple, we obtain a much better complexity than previously known algorithms. Lastly, two new algorithms for the learning parities with noise (LPN) problem are proposed. The first one is a general algorithm, applicable to any instance of LPN. The algorithm performs favorably compared to previously known algorithms, breaking the 80-bit security of the widely used (512,1/8) instance. The second one focuses on LPN instances over a polynomial ring, when the generator polynomial is reducible. Using the algorithm, we break an 80-bit security instance of the Lapin cryptosystem

Error-Correction Coding and Decoding: Bounds, Codes, Decoders, Analysis and Applications

Coding; Communications; Engineering; Networks; Information Theory; Algorithm

Influence du mapping sur la reconnaissance d'un système de communication

Le contexte de cette thèse est la reconnaissance de systèmes de communication dans un contexte non coopératif. Nous nous intéressons au problème de la reconstruction de codes convolutifs et à la reconstruction du mapping (la bijection utilisée pour associer une séquence binaire à un signal modulé). Nous avons élaboré une nouvelle méthode statistique qui à partir d'une séquence binaire bruitée observée permet de détecter si une séquence binaire est codée par un codeur convolutif. Cette méthode consiste à former des blocs de séquence suffisamment grands pour contenir le support d'une équation de parité et à compter le nombre de blocs identiques. Elle a l'avantage de fournir la longueur du code utilisé lorsque le mapping est inconnu. Cette méthode peut également être utilisée pour reconstruire le dual d'un code convolutif lorsque le mapping est connu. Nous proposons par ailleurs un algorithme de reconnaissance de mapping basé sur le parcours de classes d'équivalences. Deux types de classes sont définies. Nous disposons d'un signal bruité partiellement démodulé (démodulé avec un mapping par défaut) et supposons que les données sont codées par un codeur convolutif. Nous utilisons la reconnaissance d'un tel code comme testeur et parcourons enfin les classes d'équivalences faisant apparaître une structure de codes convolutifs. Cette classification améliore la complexité de la recherche pour les petites constellations (4 et 8-PSK). Dans le cas des constellations 16 à 256-QAM l'algorithme est appliqué aux mappings Gray ou quasi-Gray. L'algorithme ne fournit pas un résultat unique mais il permet de trouver un ensemble de mappings possibles à partir de données bruitées.The context of this thesis is the recognition of communication systems in a non-cooperative context. We are interested in the convolutional code reconstruction problem and in the constellation labeling reconstruction (the mapping used to associate a binary sequence to a modulated signal). We have defined a new statistical method for detecting if a given binary sequence is a noisy convolutional code-word obtained from an unknown convolutional code. It consists in forming blocks of sequence which are big enough to contain the support of a parity check equation and counting the number of blocks which are equal. It gives the length of the convolutional code without knowledge of the constellation labeling. This method can also be used to reconstruct the dual of a convolutional code when the constellation labeling is known. Moreover we propose a constellation labeling recognition algorithm using some equivalence classes. Two types of classes are defined: linear and affine. We observe a noisy signal which is partially demodulated (with a default labeling) and assume that the data are coded by a convolutional encoder. Thus we use the reconstruction of a code as a test and run through the classes which reveal a code structure. This classification improves the complexity of the search for small constellations (4-PSK and 8-PSK). In case of 16-QAM to 256-QAM constellations we apply the algorithm to Gray or quasi-Gray labelings. The algorithm does not give a unique result but it allows to find a small set of possible constellation labelings from noisy data.PARIS-JUSSIEU-Bib.électronique (751059901) / SudocSudocFranceF