267 research outputs found
Quasi-cyclic subcodes of cyclic codes
We completely characterize possible indices of quasi-cyclic subcodes in a
cyclic code for a very broad class of cyclic codes. We present enumeration
results for quasi-cyclic subcodes of a fixed index and show that the problem of
enumeration is equivalent to enumeration of certain vector subspaces in finite
fields. In particular, we present enumeration results for quasi-cyclic subcodes
of the simplex code and duals of certain BCH codes. Our results are based on
the trace representation of cyclic codes
Cryptanalysis of Two McEliece Cryptosystems Based on Quasi-Cyclic Codes
We cryptanalyse here two variants of the McEliece cryptosystem based on
quasi-cyclic codes. Both aim at reducing the key size by restricting the public
and secret generator matrices to be in quasi-cyclic form. The first variant
considers subcodes of a primitive BCH code. We prove that this variant is not
secure by finding and solving a linear system satisfied by the entries of the
secret permutation matrix.
The other variant uses quasi-cyclic low density parity-check codes. This
scheme was devised to be immune against general attacks working for McEliece
type cryptosystems based on low density parity-check codes by choosing in the
McEliece scheme more general one-to-one mappings than permutation matrices. We
suggest here a structural attack exploiting the quasi-cyclic structure of the
code and a certain weakness in the choice of the linear transformations that
hide the generator matrix of the code. Our analysis shows that with high
probability a parity-check matrix of a punctured version of the secret code can
be recovered in cubic time complexity in its length. The complete
reconstruction of the secret parity-check matrix of the quasi-cyclic low
density parity-check codes requires the search of codewords of low weight which
can be done with about operations for the specific parameters
proposed.Comment: Major corrections. This version supersedes previuos one
Variations of the McEliece Cryptosystem
Two variations of the McEliece cryptosystem are presented. The first one is
based on a relaxation of the column permutation in the classical McEliece
scrambling process. This is done in such a way that the Hamming weight of the
error, added in the encryption process, can be controlled so that efficient
decryption remains possible. The second variation is based on the use of
spatially coupled moderate-density parity-check codes as secret codes. These
codes are known for their excellent error-correction performance and allow for
a relatively low key size in the cryptosystem. For both variants the security
with respect to known attacks is discussed
Subspace subcodes of Reed-Solomon codes
We introduce a class of nonlinear cyclic error-correcting codes, which we call subspace subcodes of Reed-Solomon (SSRS) codes. An SSRS code is a subset of a parent Reed-Solomon (RS) code consisting of the RS codewords whose components all lie in a fixed ν-dimensional vector subspace S of GF (2m). SSRS codes are constructed using properties of the Galois field GF(2m). They are not linear over the field GF(2ν), which does not come into play, but rather are Abelian group codes over S. However, they are linear over GF(2), and the symbol-wise cyclic shift of any codeword is also a codeword. Our main result is an explicit but complicated formula for the dimension of an SSRS code. It implies a simple lower bound, which gives the true value of the dimension for most, though not all, subspaces. We also prove several important duality properties. We present some numerical examples, which show, among other things, that (1) SSRS codes can have a higher dimension than comparable subfield subcodes of RS codes, so that even if GF(2ν) is a subfield of GF(2m), it may not be the best ν-dimensional subspace for constructing SSRS codes; and (2) many high-rate SSRS codes have a larger dimension than any previously known code with the same values of n, d, and q, including algebraic-geometry codes. These examples suggest that high-rate SSRS codes are promising candidates to replace Reed-Solomon codes in high-performance transmission and storage systems
- …