Asymptotic improvement of the Gilbert-Varshamov bound for linear codes

The Gilbert-Varshamov bound states that the maximum size A_2(n,d) of a binary code of length n and minimum distance d satisfies A_2(n,d) >= 2^n/V(n,d-1) where V(n,d) stands for the volume of a Hamming ball of radius d. Recently Jiang and Vardy showed that for binary non-linear codes this bound can be improved to A_2(n,d) >= cn2^n/V(n,d-1) for c a constant and d/n <= 0.499. In this paper we show that certain asymptotic families of linear binary [n,n/2] random double circulant codes satisfy the same improved Gilbert-Varshamov bound.Comment: Submitted to IEEE Transactions on Information Theor

On the construction of dense lattices with a given automorphism group

We consider the problem of constructing dense lattices of R^n with a given automorphism group. We exhibit a family of such lattices of density at least cn/2^n, which matches, up to a multiplicative constant, the best known density of a lattice packing. For an infinite sequence of dimensions n, we exhibit a finite set of lattices that come with an automorphism group of size n, and a constant proportion of which achieves the aforementioned lower bound on the largest packing density. The algorithmic complexity for exhibiting a basis of such a lattice is of order exp(nlogn), which improves upon previous theorems that yield an equivalent lattice packing density. The method developed here involves applying Leech and Sloane's construction A to a special class of codes with a given automorphism group, namely the class of double circulant codes.Comment: 10 pages. Corrected typos and ambiguous definitio

Polynomial-Time Key Recovery Attack on the Faure-Loidreau Scheme based on Gabidulin Codes

Encryption schemes based on the rank metric lead to small public key sizes of order of few thousands bytes which represents a very attractive feature compared to Hamming metric-based encryption schemes where public key sizes are of order of hundreds of thousands bytes even with additional structures like the cyclicity. The main tool for building public key encryption schemes in rank metric is the McEliece encryption setting used with the family of Gabidulin codes. Since the original scheme proposed in 1991 by Gabidulin, Paramonov and Tretjakov, many systems have been proposed based on different masking techniques for Gabidulin codes. Nevertheless, over the years all these systems were attacked essentially by the use of an attack proposed by Overbeck. In 2005 Faure and Loidreau designed a rank-metric encryption scheme which was not in the McEliece setting. The scheme is very efficient, with small public keys of size a few kiloBytes and with security closely related to the linearized polynomial reconstruction problem which corresponds to the decoding problem of Gabidulin codes. The structure of the scheme differs considerably from the classical McEliece setting and until our work, the scheme had never been attacked. We show in this article that this scheme like other schemes based on Gabidulin codes, is also vulnerable to a polynomial-time attack that recovers the private key by applying Overbeck's attack on an appropriate public code. As an example we break concrete proposed $80$ bits security parameters in a few seconds.Comment: To appear in Designs, Codes and Cryptography Journa

A new class of codes for Boolean masking of cryptographic computations

We introduce a new class of rate one-half binary codes: {\bf complementary information set codes.} A binary linear code of length $2n$ and dimension $n$ is called a complementary information set code (CIS code for short) if it has two disjoint information sets. This class of codes contains self-dual codes as a subclass. It is connected to graph correlation immune Boolean functions of use in the security of hardware implementations of cryptographic primitives. Such codes permit to improve the cost of masking cryptographic algorithms against side channel attacks. In this paper we investigate this new class of codes: we give optimal or best known CIS codes of length $<132.$ We derive general constructions based on cyclic codes and on double circulant codes. We derive a Varshamov-Gilbert bound for long CIS codes, and show that they can all be classified in small lengths $\le 12$ by the building up construction. Some nonlinear permutations are constructed by using $\Z_4$-codes, based on the notion of dual distance of an unrestricted code.Comment: 19 pages. IEEE Trans. on Information Theory, to appea

Designs and self-dual codes with long shadows

AbstractIn this paper we introduce the notion of s-extremal codes for self-dual binary codes and we relate this notion to the existence of 1-designs or 2-designs in these codes. We extend the classification of codes with long shadows of Elkies (Math. Res. Lett. 2(5) (1995) 643) to codes with minimum distance 6, for which we give partial classification

Linear constructions for DNA codes

AbstractIn this paper we translate in terms of coding theory constraints that are used in designing DNA codes for use in DNA computing or as bar-codes in chemical libraries. We propose new constructions for DNA codes satisfying either a reverse-complement constraint, a GC-content constraint, or both, that are derived from additive and linear codes over four-letter alphabets. We focus in particular on codes over GF(4), and we construct new DNA codes that are in many cases better (sometimes far better) than previously known codes. We provide updated tables up to length 20 that include these codes as well as new codes constructed using a combination of lexicographic techniques and stochastic search