10,821 research outputs found
Hybrid Approaches for Distributed Storage Systems
International audienceDistributed or peer-to-peer storage solutions rely on the introduction of redundant data to be fault-tolerant and to achieve high reliability. One way to introduce redundancy is by simple replication. This strategy allows an easy and fast access to data, and a good bandwidth e ciency to repair the missing redundancy when a peer leaves or fails in high churn systems. However, it is known that erasure codes, like Reed-Solomon, are an e - cient solution in terms of storage space to obtain high durability when compared to replication. Recently, the Regenerating Codes were proposed as an improvement of erasure codes to better use the available bandwidth when reconstructing the missing information. In this work, we compare these codes with two hybrid approaches. The rst was already proposed and mixes erasure codes and replication. The second one is a new proposal that we call Double Coding. We compare these approaches with the traditional Reed-Solomon code and also Regenerating Codes from the point of view of availability, durability and storage space. This comparison uses Markov Chain Models that take into account the reconstruction time of the systems
A Distinguisher-Based Attack on a Variant of McEliece's Cryptosystem Based on Reed-Solomon Codes
Baldi et \textit{al.} proposed a variant of McEliece's cryptosystem. The main
idea is to replace its permutation matrix by adding to it a rank 1 matrix. The
motivation for this change is twofold: it would allow the use of codes that
were shown to be insecure in the original McEliece's cryptosystem, and it would
reduce the key size while keeping the same security against generic decoding
attacks. The authors suggest to use generalized Reed-Solomon codes instead of
Goppa codes. The public code built with this method is not anymore a
generalized Reed-Solomon code. On the other hand, it contains a very large
secret generalized Reed-Solomon code. In this paper we present an attack that
is built upon a distinguisher which is able to identify elements of this secret
code. The distinguisher is constructed by considering the code generated by
component-wise products of codewords of the public code (the so-called "square
code"). By using square-code dimension considerations, the initial generalized
Reed-Solomon code can be recovered which permits to decode any ciphertext. A
similar technique has already been successful for mounting an attack against a
homomorphic encryption scheme suggested by Bogdanoc et \textit{al.}. This work
can be viewed as another illustration of how a distinguisher of Reed-Solomon
codes can be used to devise an attack on cryptosystems based on them.Comment: arXiv admin note: substantial text overlap with arXiv:1203.668
Skew and linearized Reed-Solomon codes and maximum sum rank distance codes over any division ring
Reed-Solomon codes and Gabidulin codes have maximum Hamming distance and
maximum rank distance, respectively. A general construction using skew
polynomials, called skew Reed-Solomon codes, has already been introduced in the
literature. In this work, we introduce a linearized version of such codes,
called linearized Reed-Solomon codes. We prove that they have maximum sum-rank
distance. Such distance is of interest in multishot network coding or in
singleshot multi-network coding. To prove our result, we introduce new metrics
defined by skew polynomials, which we call skew metrics, we prove that skew
Reed-Solomon codes have maximum skew distance, and then we translate this
scenario to linearized Reed-Solomon codes and the sum-rank metric. The theories
of Reed-Solomon codes and Gabidulin codes are particular cases of our theory,
and the sum-rank metric extends both the Hamming and rank metrics. We develop
our theory over any division ring (commutative or non-commutative field). We
also consider non-zero derivations, which give new maximum rank distance codes
over infinite fields not considered before
A Distinguisher-Based Attack of a Homomorphic Encryption Scheme Relying on Reed-Solomon Codes
Bogdanov and Lee suggested a homomorphic public-key encryption scheme based
on error correcting codes. The underlying public code is a modified
Reed-Solomon code obtained from inserting a zero submatrix in the Vandermonde
generating matrix defining it. The columns that define this submatrix are kept
secret and form a set . We give here a distinguisher that detects if one or
several columns belong to or not. This distinguisher is obtained by
considering the code generated by component-wise products of codewords of the
public code (the so called "square code"). This operation is applied to
punctured versions of this square code obtained by picking a subset
of the whole set of columns. It turns out that the dimension of the
punctured square code is directly related to the cardinality of the
intersection of with . This allows an attack which recovers the full set
and which can then decrypt any ciphertext.Comment: 11 page
Maximum-likelihood decoding of Reed-Solomon Codes is NP-hard
Maximum-likelihood decoding is one of the central algorithmic problems in
coding theory. It has been known for over 25 years that maximum-likelihood
decoding of general linear codes is NP-hard. Nevertheless, it was so far
unknown whether maximum- likelihood decoding remains hard for any specific
family of codes with nontrivial algebraic structure. In this paper, we prove
that maximum-likelihood decoding is NP-hard for the family of Reed-Solomon
codes. We moreover show that maximum-likelihood decoding of Reed-Solomon codes
remains hard even with unlimited preprocessing, thereby strengthening a result
of Bruck and Naor.Comment: 16 pages, no figure
Bounds on List Decoding of Rank-Metric Codes
So far, there is no polynomial-time list decoding algorithm (beyond half the
minimum distance) for Gabidulin codes. These codes can be seen as the
rank-metric equivalent of Reed--Solomon codes. In this paper, we provide bounds
on the list size of rank-metric codes in order to understand whether
polynomial-time list decoding is possible or whether it works only with
exponential time complexity. Three bounds on the list size are proven. The
first one is a lower exponential bound for Gabidulin codes and shows that for
these codes no polynomial-time list decoding beyond the Johnson radius exists.
Second, an exponential upper bound is derived, which holds for any rank-metric
code of length and minimum rank distance . The third bound proves that
there exists a rank-metric code over \Fqm of length such that the
list size is exponential in the length for any radius greater than half the
minimum rank distance. This implies that there cannot exist a polynomial upper
bound depending only on and similar to the Johnson bound in Hamming
metric. All three rank-metric bounds reveal significant differences to bounds
for codes in Hamming metric.Comment: 10 pages, 2 figures, submitted to IEEE Transactions on Information
Theory, short version presented at ISIT 201
- …