43 research outputs found
A characterization of MDS codes that have an error correcting pair
Error-correcting pairs were introduced in 1988 by R. Pellikaan, and were
found independently by R. K\"otter (1992), as a general algebraic method of
decoding linear codes. These pairs exist for several classes of codes. However
little or no study has been made for characterizing those codes. This article
is an attempt to fill the vacuum left by the literature concerning this
subject. Since every linear code is contained in an MDS code of the same
minimum distance over some finite field extension we have focused our study on
the class of MDS codes.
Our main result states that an MDS code of minimum distance has a
-ECP if and only if it is a generalized Reed-Solomon code. A second proof is
given using recent results Mirandola and Z\'emor (2015) on the Schur product of
codes
A Combinatorial Commutative Algebra Approach to Complete Decoding
Esta tesis pretende explorar el nexo de unión que existe entre la estructura algebraica de un código lineal y el proceso de descodificación completa. Sabemos que el proceso de descodificación completa para códigos lineales arbitrarios es NP-completo, incluso si se admite preprocesamiento de los datos. Nuestro objetivo es realizar un análisis algebraico del proceso de la descodificación, para ello asociamos diferentes estructuras matemáticas a ciertas familias de códigos. Desde el punto de vista computacional, nuestra descripción no proporciona un algoritmo eficiente pues nos enfrentamos a un problema de naturaleza NP. Sin embargo, proponemos algoritmos alternativos y nuevas técnicas que permiten relajar las condiciones del problema reduciendo los recursos de espacio y tiempo necesarios para manejar dicha estructura algebraica.Departamento de Algebra, Geometría y Topologí
Cryptanalysis of McEliece Cryptosystem Based on Algebraic Geometry Codes and their subcodes
We give polynomial time attacks on the McEliece public key cryptosystem based
either on algebraic geometry (AG) codes or on small codimensional subcodes of
AG codes. These attacks consist in the blind reconstruction either of an Error
Correcting Pair (ECP), or an Error Correcting Array (ECA) from the single data
of an arbitrary generator matrix of a code. An ECP provides a decoding
algorithm that corrects up to errors, where denotes
the designed distance and denotes the genus of the corresponding curve,
while with an ECA the decoding algorithm corrects up to
errors. Roughly speaking, for a public code of length over ,
these attacks run in operations in for the
reconstruction of an ECP and operations for the reconstruction of an
ECA. A probabilistic shortcut allows to reduce the complexities respectively to
and . Compared to the
previous known attack due to Faure and Minder, our attack is efficient on codes
from curves of arbitrary genus. Furthermore, we investigate how far these
methods apply to subcodes of AG codes.Comment: A part of the material of this article has been published at the
conferences ISIT 2014 with title "A polynomial time attack against AG code
based PKC" and 4ICMCTA with title "Crypt. of PKC that use subcodes of AG
codes". This long version includes detailed proofs and new results: the
proceedings articles only considered the reconstruction of ECP while we
discuss here the reconstruction of EC
Cryptanalysis of public-key cryptosystems that use subcodes of algebraic geometry codes
We give a polynomial time attack on the McEliece public key cryptosystem
based on subcodes of algebraic geometry (AG) codes. The proposed attack reposes
on the distinguishability of such codes from random codes using the Schur
product. Wieschebrink treated the genus zero case a few years ago but his
approach cannot be extent straightforwardly to other genera. We address this
problem by introducing and using a new notion, which we call the t-closure of a
code
Error-correcting pairs: a new approach to code-based cryptography
International audienceMcEliece proposed the first public-key cryptosystem based on linear error-correcting codes. A code with an efficient bounded distance decoding algorithm is chosen as secret key. It is assumed that the chosen code looks like a random code. The known efficient bounded distance decoding algorithms of the families of codes proposed for code-based cryptography, like Reed-Solomon codes, Goppa codes, alternant codes or algebraic geometry codes, can be described in terms of error-correcting pairs (ECP). That means that, the McEliece cryptosystem is not only based on the intractability of bounded distance decoding but also on the problem of retrieving an error-correcting pair from the public code. In this article we propose the class of codes with a t-ECP whose error-correcting pair that is not easily reconstructed from of a given generator matrix
On the fan associated to a linear code
International audienceWe will show how one can compute all reduced Gröbner bases with re-spect to a degree compatible ordering for code ideals -even though these binomial ideals are not toric. To this end, the correspondence of linear codes and binomial ideals will be briefly described as well as their resemblance to toric ideals. Finally, we will hint at applications of the degree compatible Gröbner fan to the code equivalence problem
Is it hard to retrieve an error-correcting pair?
International audienceCode-based cryptography is an interesting alternative to classic number-theory Public-Key Cryptosystems (PKC) since it is conjectured to be secure against quantum computer attacks. Many families of codes have been proposed for these cryp-tosystems. One of the main requirements is having high performance t-bounded decoding algorithms which is achieved in the case the code has a terror correcting pair (ECP). The class of codes with a t-ECP is proposed for the McEliece cryp-tosystem. The hardness of retrieving the t-ECP for a given code is considered. To this end we have to solve a large system of bilinear equations. Two possible induction procedures are considered, one for sub/super ECP's and one by punctur-ing/shortening. In both procedures in every step only a few bilinear equations need to be solved