97 research outputs found
Exhaustive Search for Small Dimension Recursive MDS Diffusion Layers for Block Ciphers and Hash Functions
This article presents a new algorithm to find MDS matrices that are well
suited for use as a diffusion layer in lightweight block ciphers. Using a
recursive construction, it is possible to obtain matrices with a very compact
description. Classical field multiplications can also be replaced by simple
F2-linear transformations (combinations of XORs and shifts) which are much
lighter. Using this algorithm, it was possible to design a 16x16 matrix on a
5-bit alphabet, yielding an efficient 80-bit diffusion layer with maximal
branch number. Comment: Published at ISIT 201
Discrete logarithm computations over finite fields using Reed-Solomon codes
Cheng and Wan have related the decoding of Reed-Solomon codes to the
computation of discrete logarithms over finite fields, with the aim of proving
the hardness of their decoding. In this work, we experiment with solving the
discrete logarithm over GF(q^h) using Reed-Solomon decoding. For fixed h and q
going to infinity, we introduce an algorithm (RSDL) needing O(h! q^2)
operations over GF(q), operating on a q x q matrix with (h+2) q non-zero
coefficients. We give faster variants, including an incremental version and
another one that uses auxiliary finite fields that need not be subfields of
GF(q^h); this variant is very practical for moderate values of q and h. We
include some numerical results of our first implementations.
The problem of good codes over the field with two elements
National audience. We discuss the problem of list decoding, for the binary case. In this presentation, we indicate that Shannon capacity can be attained in a deterministic setting by using list decoding. As in the classical case, the case of the alphabet turns out to be the most difficult.
The main algebraic codes and their decoding
National audience. The first talk reviews the classical decoding algorithms for geometric codes, based on the Berlekamp-Massey algorithm and its multivariate generalizations (Berlekamp-Massey-Sakata). Before presenting these algorithms, however, I will recall the basics of coding theory: linear codes, the Singleton bound, Reed-Solomon codes, the Hamming bound. I will then introduce, with motivation, the family of geometric codes, as a generalization of geometric codes, after a brief review of the theory of algebraic curves over finite fields. The framework will then be in place to introduce syndrome decoding, which is the classical decoding method for geometric codes. The second talk is devoted to recent progress in algebraic coding, which relies on interpolation-based decoding. This progress is due to Guruswami-Sudan, and rests on a dual view of Reed-Solomon codes and geometric codes. I will present, in order, the Berlekamp-Welch, Sudan and Guruswami-Sudan algorithms, in the context of Reed-Solomon codes and in the context of geometric codes. Finally, we will see how the Berlekamp-Massey-Sakata algorithm can be recycled in this context.
Generalization of Gabidulin Codes over Fields of Rational Functions
We transpose the theory of rank metric and Gabidulin codes to the case of
fields which are not finite fields. The Frobenius automorphism is replaced by
any element of the Galois group of a cyclic algebraic extension of a base
field. We use our framework to define Gabidulin codes over the field of
rational functions using algebraic function fields with a cyclic Galois group.
This gives a linear subspace of matrices whose coefficients are rational
functions, such that the rank of each of these matrices is lower bounded, where the
rank is understood in terms of linear combinations with rational functions. We
provide two examples based on Kummer and Artin-Schreier extensions. The matrices
that we obtain may be interpreted as generating matrices of convolutional
codes. Comment: 21st International Symposium on Mathematical Theory of Networks and
Systems (MTNS 2014), Jul 2014, Groningen, Netherlands.
https://fwn06.housing.rug.nl/mtns2014
On formulas for decoding binary cyclic codes
We address the problem of the algebraic decoding of any cyclic code up to the
true minimum distance. For this, we use the classical formulation of the
problem, which is to find the error locator polynomial in terms of the syndromes
of the received word. This is usually done with the Berlekamp-Massey algorithm
in the case of BCH codes and related codes, but for the general case, there is
no generic algorithm to decode cyclic codes. Even in the case of the quadratic
residue codes, which are good codes with a very strong algebraic structure,
there is no available general decoding algorithm. For this particular case of
quadratic residue codes, several authors have worked out, by hand, formulas for
the coefficients of the locator polynomial in terms of the syndromes, using the
Newton identities. This work has to be done for each particular quadratic
residue code, and becomes more and more difficult as the length grows.
Furthermore, it is error-prone. We propose to automate these computations,
using elimination theory and Gröbner bases. We prove that, by computing
appropriate Gröbner bases, one automatically recovers formulas for the
coefficients of the locator polynomial in terms of the syndromes.
Information Sets of Multiplicity Codes
We here provide a method for systematic encoding of the Multiplicity codes
introduced by Kopparty, Saraf and Yekhanin in 2011. The construction is built
on an idea of Kopparty. We properly define information sets for these codes
and give detailed proofs of the validity of Kopparty's construction, which use
generating functions. We also give a complexity estimate of the associated
encoding algorithm. Comment: International Symposium on Information Theory, Jun 2015, Hong-Kong,
China. IEE
Algebraic Solutions of Newton's identities for cyclic codes
International audience. This paper considers the use of Newton's identities for establishing properties of cyclic codes. The main tool is to consider these identities as equations, and to look for the properties of the solutions. First, these equations have been considered as necessary conditions for establishing non-existence properties of cyclic codes, such as the non-existence of codewords of a given weight. The properties of these equations are studied, and the properties of the solutions to the algebraic system are given. The main theorem is that codewords in a Hamming sphere around a given word can be characterized by algebraic conditions. This theorem enables one to describe the minimum codewords of a given cyclic code by algebraic conditions. The equations are solved using Buchberger's algorithm for computing a Gröbner basis. Examples are also given with alternant codes, and with a non-linear code.
Newton's identities for minimum codewords of a family of alternant codes
International audience. We are able to define minimum weight codewords of some alternant codes in terms of solutions to algebraic equations. Particular attention is given to the case of the classical Goppa codes. Gröbner bases are used to solve the system of algebraic equations.
List-Decoding of Binary Goppa Codes up to the Binary Johnson Bound
International audience. We study the list-decoding problem of alternant codes (which obviously includes that of classical Goppa codes). The major consideration here is to take into account the (small) size of the alphabet. This amounts to comparing the generic Johnson bound to the q-ary Johnson bound. The most favourable case is q = 2, for which the decoding radius is greatly improved. Even though the announced result, which is the list-decoding radius of binary Goppa codes, is new, we acknowledge that it can be assembled from separate previous sources, which may be a little bit unknown, and where binary Goppa codes have apparently not been thought of. Only D. J. Bernstein has treated the case of binary Goppa codes in a preprint. References are given in the introduction. We propose an autonomous and simplified treatment and also a complexity analysis of the studied algorithm, which is quadratic in the blocklength n, when decoding away from the relative maximum decoding radius.