The decoding failure probability of MDPC codes

Moderate Density Parity Check (MDPC) codes are defined here as codes which have a parity-check matrix whose row weight is $O(\sqrt{n})$ where $n$ is the length $n$ of the code. They can be decoded like LDPC codes but they decode much less errors than LDPC codes: the number of errors they can decode in this case is of order $\Theta(\sqrt{n})$. Despite this fact they have been proved very useful in cryptography for devising key exchange mechanisms. They have also been proposed in McEliece type cryptosystems. However in this case, the parameters that have been proposed in \cite{MTSB13} were broken in \cite{GJS16}. This attack exploits the fact that the decoding failure probability is non-negligible. We show here that this attack can be thwarted by choosing the parameters in a more conservative way. We first show that such codes can decode with a simple bit-flipping decoder any pattern of $O\left(\frac{\sqrt{n} \log \log n}{\log n}\right)$ errors. This avoids the previous attack at the cost of significantly increasing the key size of the scheme. We then show that under a very reasonable assumption the decoding failure probability decays almost exponentially with the codelength with just two iterations of bit-flipping. With an additional assumption it has even been proved that it decays exponentially with an unbounded number of iterations and we show that in this case the increase of the key size which is required for resisting to the attack of \cite{GJS16} is only moderate

On a Low-Rate TLDPC Code Ensemble and the Necessary Condition on the Linear Minimum Distance for Sparse-Graph Codes

This paper addresses the issue of design of low-rate sparse-graph codes with linear minimum distance in the blocklength. First, we define a necessary condition which needs to be satisfied when the linear minimum distance is to be ensured. The condition is formulated in terms of degree-1 and degree-2 variable nodes and of low-weight codewords of the underlying code, and it generalizies results known for turbo codes [8] and LDPC codes. Then, we present a new ensemble of low-rate codes, which itself is a subclass of TLDPC codes [4], [5], and which is designed under this necessary condition. The asymptotic analysis of the ensemble shows that its iterative threshold is situated close to the Shannon limit. In addition to the linear minimum distance property, it has a simple structure and enjoys a low decoding complexity and a fast convergence.Comment: submitted to IEEE Trans. on Communication

Magic state distillation with punctured polar codes

We present a scheme for magic state distillation using punctured polar codes. Our results build on some recent work by Bardet et al. (ISIT, 2016) who discovered that polar codes can be described algebraically as decreasing monomial codes. Using this powerful framework, we construct tri-orthogonal quantum codes (Bravyi et al., PRA, 2012) that can be used to distill magic states for the $T$ gate. An advantage of these codes is that they permit the use of the successive cancellation decoder whose time complexity scales as $O(N\log(N))$. We supplement this with numerical simulations for the erasure channel and dephasing channel. We obtain estimates for the dimensions and error rates for the resulting codes for block sizes up to $2^{20}$ for the erasure channel and $2^{16}$ for the dephasing channel. The dimension of the triply-even codes we obtain is shown to scale like $O(N^{0.8})$ for the binary erasure channel at noise rate $0.01$ and $O(N^{0.84})$ for the dephasing channel at noise rate $0.001$. The corresponding bit error rates drop to roughly $8\times10^{-28}$ for the erasure channel and $7 \times 10^{-15}$ for the dephasing channel respectively.Comment: 18 pages, 4 figure

New algorithms for decoding in the rank metric and an attack on the LRPC cryptosystem

We consider the decoding problem or the problem of finding low weight codewords for rank metric codes. We show how additional information about the codeword we want to find under the form of certain linear combinations of the entries of the codeword leads to algorithms with a better complexity. This is then used together with a folding technique for attacking a McEliece scheme based on LRPC codes. It leads to a feasible attack on one of the parameters suggested in \cite{GMRZ13}.Comment: A shortened version of this paper will be published in the proceedings of the IEEE International Symposium on Information Theory 2015 (ISIT 2015

New Identities Relating Wild Goppa Codes

For a given support $L \in \mathbb{F}_{q^m}^n$ and a polynomial $g\in \mathbb{F}_{q^m}[x]$ with no roots in $\mathbb{F}_{q^m}$, we prove equality between the $q$-ary Goppa codes $\Gamma_q(L,N(g)) = \Gamma_q(L,N(g)/g)$ where $N(g)$ denotes the norm of $g$, that is $g^{q^{m-1}+\cdots +q+1}.$ In particular, for $m=2$, that is, for a quadratic extension, we get $\Gamma_q(L,g^q) = \Gamma_q(L,g^{q+1})$. If $g$ has roots in $\mathbb{F}_{q^m}$, then we do not necessarily have equality and we prove that the difference of the dimensions of the two codes is bounded above by the number of distinct roots of $g$ in $\mathbb{F}_{q^m}$. These identities provide numerous code equivalences and improved designed parameters for some families of classical Goppa codes.Comment: 14 page

Time resolved spectroscopy of the multiperiodic pulsating subdwarf B star PG1605+072

We present results for the 2m spectroscopic part of the MultiSite Spectroscopic Telescope campaign, which took place in May/June 2002. In order to perform an asteroseismological analysis on the multiperiodic pulsating subdwarf B star PG 1605+072 we used over 150 hours of time resolved spectroscopy in order to search for and analyse line profile variations by using phase binning. We succeeded in finding variations in effective temperature and gravity for four modes. A pilot analysis using the \textit{BRUCE} and \textit{KYLIE} programs and assuming strong rotation and low inclination favours models with $l=1$ or $l=2$ with $m\leq0$.Comment: 2 pages, 2 figures, proceedings of the "Vienna Workshop on the Future of Asteroseismology", to appear in Communications in Asteroseismology v. 14