Cryptanalysis of public-key cryptosystems that use subcodes of algebraic geometry codes

We give a polynomial time attack on the McEliece public key cryptosystem based on subcodes of algebraic geometry (AG) codes. The proposed attack reposes on the distinguishability of such codes from random codes using the Schur product. Wieschebrink treated the genus zero case a few years ago but his approach cannot be extent straightforwardly to other genera. We address this problem by introducing and using a new notion, which we call the t-closure of a code

Generalization of the Lee-O'Sullivan List Decoding for One-Point AG Codes

We generalize the list decoding algorithm for Hermitian codes proposed by Lee and O'Sullivan based on Gr\"obner bases to general one-point AG codes, under an assumption weaker than one used by Beelen and Brander. Our generalization enables us to apply the fast algorithm to compute a Gr\"obner basis of a module proposed by Lee and O'Sullivan, which was not possible in another generalization by Lax.Comment: article.cls, 14 pages, no figure. The order of authors was changed. To appear in Journal of Symbolic Computation. This is an extended journal paper version of our earlier conference paper arXiv:1201.624

Estimating the dimension of the subfield subcodes of hermitian codes

In this paper, we study the behavior of the true dimension of the subfield subcodes of Hermitian codes. Our motivation is to use these classes of linear codes to improve the parameters of the McEliece cryptosystem, such as key size and security level. The McEliece scheme is one of the promising alternative cryptographic schemes to the current public key schemes since in the last four decades, they resisted all known quantum computing attacks. By computing and analyzing a data collection of true dimensions of subfield subcodes, we concluded that they can be estimated by the extreme value distribution function

Hermitian codes from higher degree places

Matthews and Michel investigated the minimum distances in certain algebraic-geometry codes arising from a higher degree place $P$. In terms of the Weierstrass gap sequence at $P$, they proved a bound that gives an improvement on the designed minimum distance. In this paper, we consider those of such codes which are constructed from the Hermitian function field. We determine the Weierstrass gap sequence $G(P)$ where $P$ is a degree 3 place, and compute the Matthews and Michel bound with the corresponding improvement. We show more improvements using a different approach based on geometry. We also compare our results with the true values of the minimum distances of Hermitian 1-point codes, as well as with estimates due Xing and Chen

Towards the security of McEliece's cryptosystem based on Hermitian subfield subcodes

The purpose of this paper is to provide a comprehensive security analysis for the parameter selection process, which involves the computational cost of the information set decoding algorithm using the parameters of subfield subcodes of 1-point Hermitian codes. The purpose of this paper is to provide a comprehensive security analysis for the parameter selection process, which involves the computational cost of the information set decoding (ISD) algorithm using Hermitian subfield subcode parameters