186 research outputs found
On the List-Decodability of Random Linear Rank-Metric Codes
The list-decodability of random linear rank-metric codes is shown to match
that of random rank-metric codes. Specifically, an -linear
rank-metric code over of rate is shown to be (with high probability)
list-decodable up to fractional radius with lists of size at
most , where is a constant
depending only on and . This matches the bound for random rank-metric
codes (up to constant factors). The proof adapts the approach of Guruswami,
Håstad, Kopparty (STOC 2010), who established a similar result for the
Hamming metric case, to the rank-metric setting.
Decodability Attack against the Fuzzy Commitment Scheme with Public Feature Transforms
The fuzzy commitment scheme is a cryptographic primitive that can be used to
store, in protected form, biometric templates encoded as fixed-length feature
vectors. If multiple related records generated from the same biometric
instance can be intercepted, their correspondence can be determined using the
decodability attack. In 2011, Kelkboom et al. proposed to pass the feature
vectors through a record-specific but public permutation process in order to
prevent this attack. In this paper, it is shown that this countermeasure
enables another attack, also analyzed by Simoens et al. in 2009, which can even
make it easier for an adversary to fully break two related records. The attack may only be
feasible if the protected feature vectors have a reasonably small Hamming
distance; yet, implementations and security analyses must account for this
risk. This paper furthermore discusses that by means of a public
transformation, the attack cannot be prevented in a binary fuzzy commitment
scheme based on linear codes. Fortunately, such transformations can be
generated for the non-binary case. In order to still be able to protect binary
feature vectors, one may consider using the improved fuzzy vault scheme by
Dodis et al., which may be secured against linkability attacks using
observations made by Merkle and Tams.
Bounds on List Decoding of Rank-Metric Codes
So far, there is no polynomial-time list decoding algorithm (beyond half the
minimum distance) for Gabidulin codes. These codes can be seen as the
rank-metric equivalent of Reed–Solomon codes. In this paper, we provide bounds
on the list size of rank-metric codes in order to understand whether
polynomial-time list decoding is possible or whether it works only with
exponential time complexity. Three bounds on the list size are proven. The
first one is a lower exponential bound for Gabidulin codes and shows that for
these codes no polynomial-time list decoding beyond the Johnson radius exists.
Second, an exponential upper bound is derived, which holds for any rank-metric
code of length and minimum rank distance . The third bound proves that
there exists a rank-metric code over $\mathbb{F}_{q^m}$ of length such that the
list size is exponential in the length for any radius greater than half the
minimum rank distance. This implies that there cannot exist a polynomial upper
bound depending only on and similar to the Johnson bound in Hamming
metric. All three rank-metric bounds reveal significant differences to bounds
for codes in Hamming metric.
Comment: 10 pages, 2 figures, submitted to IEEE Transactions on Information
Theory, short version presented at ISIT 201
Generalized List Decoding
This paper concerns itself with the question of list decoding for general
adversarial channels, e.g., bit-flip () channels, erasure
channels, (-) channels, channels, real adder
channels, noisy typewriter channels, etc. We precisely characterize when
exponential-sized (or positive rate) -list decodable codes (where the
list size is a universal constant) exist for such channels. Our criterion
asserts that:
"For any given general adversarial channel, it is possible to construct
positive rate -list decodable codes if and only if the set of completely
positive tensors of order- with admissible marginals is not entirely
contained in the order- confusability set associated to the channel."
The sufficiency is shown via random code construction (combined with
expurgation or time-sharing). The necessity is shown by
1. extracting equicoupled subcodes (generalization of equidistant code) from
any large code sequence using hypergraph Ramsey's theorem, and
2. significantly extending the classic Plotkin bound in coding theory to list
decoding for general channels using duality between the completely positive
tensor cone and the copositive tensor cone. In the proof, we also obtain a new
fact regarding asymmetry of joint distributions, which may be of independent
interest.
Other results include
1. List decoding capacity with asymptotically large for general
adversarial channels;
2. A tight list size bound for most constant composition codes
(generalization of constant weight codes);
3. Rederivation and demystification of Blinovsky's [Bli86] characterization
of the list decoding Plotkin points (threshold at which large codes are
impossible);
4. Evaluation of general bounds ([WBBJ]) for unique decoding in the error
correction code setting