90 research outputs found
A characterization of MDS codes that have an error correcting pair
Error-correcting pairs were introduced in 1988 by R. Pellikaan, and were
found independently by R. Kötter (1992), as a general algebraic method of
decoding linear codes. These pairs exist for several classes of codes. However,
little or no study has been made for characterizing those codes. This article
is an attempt to fill the vacuum left by the literature concerning this
subject. Since every linear code is contained in an MDS code of the same
minimum distance over some finite field extension we have focused our study on
the class of MDS codes.
Our main result states that an MDS code of minimum distance has a
-ECP if and only if it is a generalized Reed-Solomon code. A second proof is
given using recent results of Mirandola and Zémor (2015) on the Schur product of
codes.
Cryptanalysis of public-key cryptosystems that use subcodes of algebraic geometry codes
We give a polynomial time attack on the McEliece public key cryptosystem
based on subcodes of algebraic geometry (AG) codes. The proposed attack reposes
on the distinguishability of such codes from random codes using the Schur
product. Wieschebrink treated the genus zero case a few years ago but his
approach cannot be extended straightforwardly to other genera. We address this
problem by introducing and using a new notion, which we call the t-closure of a
code
Cryptanalysis of McEliece Cryptosystem Based on Algebraic Geometry Codes and their subcodes
We give polynomial time attacks on the McEliece public key cryptosystem based
either on algebraic geometry (AG) codes or on small codimensional subcodes of
AG codes. These attacks consist in the blind reconstruction either of an Error
Correcting Pair (ECP), or an Error Correcting Array (ECA) from the single data
of an arbitrary generator matrix of a code. An ECP provides a decoding
algorithm that corrects up to errors, where denotes
the designed distance and denotes the genus of the corresponding curve,
while with an ECA the decoding algorithm corrects up to
errors. Roughly speaking, for a public code of length over ,
these attacks run in operations in for the
reconstruction of an ECP and operations for the reconstruction of an
ECA. A probabilistic shortcut allows to reduce the complexities respectively to
and . Compared to the
previous known attack due to Faure and Minder, our attack is efficient on codes
from curves of arbitrary genus. Furthermore, we investigate how far these
methods apply to subcodes of AG codes.
Comment: A part of the material of this article has been published at the
conferences ISIT 2014 with title "A polynomial time attack against AG code
based PKC" and 4ICMCTA with title "Crypt. of PKC that use subcodes of AG
codes". This long version includes detailed proofs and new results: the
proceedings articles only considered the reconstruction of ECP while we
discuss here the reconstruction of EC
Error-correcting pairs: a new approach to code-based cryptography
McEliece proposed the first public-key cryptosystem based on linear error-correcting codes. A code with an efficient bounded distance decoding algorithm is chosen as secret key. It is assumed that the chosen code looks like a random code. The known efficient bounded distance decoding algorithms of the families of codes proposed for code-based cryptography, like Reed-Solomon codes, Goppa codes, alternant codes or algebraic geometry codes, can be described in terms of error-correcting pairs (ECP). That means that the McEliece cryptosystem is not only based on the intractability of bounded distance decoding but also on the problem of retrieving an error-correcting pair from the public code. In this article we propose the class of codes with a t-ECP whose error-correcting pair is not easily reconstructed from a given generator matrix.
Integral closures and weight functions over finite fields
Curves and surfaces of type I are generalized to integral towers of rank $r$. Weight functions with values in $\mathbb{N}^r$ and the corresponding weighted total-degree monomial orderings lift naturally from one domain $R_{j-1}$ in the tower to the next, $R_j$, the integral closure of $R_{j-1}[x_j]/\langle \varphi(x_j) \rangle$. The $q$th power algorithm is reworked in this more general setting to produce this integral closure over finite fields, though the application is primarily that of calculating the normalizations of curves related to one-point AG codes arising from towers of function fields. Every attempt has been made to couch all the theory in terms of multivariate polynomial rings and ideals instead of the terminology from algebraic geometry or function field theory, and to avoid the use of any type of series expansion.