Skip to main content
Fachgebiete
Automobil + Motoren Bauwesen + Immobilien Business IT + Informatik Elektrotechnik + Elektronik Energie + Nachhaltigkeit Finance + Banking Management + Führung Marketing + Vertrieb Maschinenbau + Werkstoffe Versicherung + Risiko
DE
EN
Themenseiten
Organisationspsychologie Projektmanagement Marketing Smart Manufacturing
Bücher
Zeitschriften
Weitere Formate
Podcasts Webinare Technik Webinare Wirtschaft Kongresse Veranstaltungskalender Awards
Jetzt Einzelzugang starten
Zugang für Unternehmen
Referenzkunden
ATZ-Fachkongress

Chassis.tech plus 2024


4 Kongresse in einer Veranstaltung

Treffen Sie in München die Fachleute von Chassis, Lenkung, Bremsen sowie Reifen/Räder.
Erweiterte Suche
Anmelden
nach oben
Designs, Codes and Cryptography
Erschienen in: Designs, Codes and Cryptography 2/2014

01.11.2014

Distinguisher-based attacks on public-key cryptosystems using Reed–Solomon codes

verfasst von: Alain Couvreur, Philippe Gaborit, Valérie Gauthier-Umaña, Ayoub Otmani, Jean-Pierre Tillich

Erschienen in: Designs, Codes and Cryptography | Ausgabe 2/2014

Einloggen, um Zugang zu erhalten

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config
loading …

Abstract

Because of their interesting algebraic properties, several authors promote the use of generalized Reed–Solomon codes in cryptography. Niederreiter was the first to suggest an instantiation of his cryptosystem with them but Sidelnikov and Shestakov showed that this choice is insecure. Wieschebrink proposed a variant of the McEliece cryptosystem which consists in concatenating a few random columns to a generator matrix of a secretly chosen generalized Reed–Solomon code. More recently, new schemes appeared which are the homomorphic encryption scheme proposed by Bogdanov and Lee, and a variation of the McEliece cryptosystem proposed by Baldi et al. which hides the generalized Reed–Solomon code by means of matrices of very low rank. In this work, we show how to mount key-recovery attacks against these public-key encryption schemes. We use the concept of distinguisher which aims at detecting a behavior different from the one that one would expect from a random code. All the distinguishers we have built are based on the notion of component-wise product of codes. It results in a powerful tool that is able to recover the secret structure of codes when they are derived from generalized Reed–Solomon codes. Lastly, we give an alternative to Sidelnikov and Shestakov attack by building a filtration which enables to completely recover the support and the non-zero scalars defining the secret generalized Reed–Solomon code.
Vorheriger Artikel Improved algorithms for finding low-weight polynomial multiples in and some cryptographic applications
Nächster Artikel Towards the optimality of Feistel ciphers with substitution-permutation functions
Anhänge
Nur mit Berechtigung zugänglich
Fußnoten
1
It means that \(\mathsf{\textit{Prob} }(e_i=0)=1-\eta \) and \(\mathsf{\textit{Prob} }(e_i=x)=\frac{\eta }{q-1}\) for any \(x\) in \(\mathbb {F}_{q}\) different from zero.
 
2
See [24] which contains much more examples of codes with this kind of behavior
 
Literatur
1.
Baldi M., Bianchi M., Chiaraluce F., Rosenthal J., Schipani D.: Enhanced public key security for the McEliece cryptosystem. ArXiv:1108.2462v2 (2011, Submitted).
2.
Baldi M., Bianchi M., Chiaraluce F., Rosenthal J., Schipani D.: Enhanced public key security for the McEliece cryptosystem. ArXiv:1108.2462v3 (2012, Submitted).
3.
Berger T.P., Loidreau P.: How to mask the structure of codes for a cryptographic use. Des. Codes Cryptogr. 35(1), 63–79 (2005).
4.
Bernstein D.J., Lange T., Peters C.: Wild McEliece. In: Selected Areas in Cryptography, pp. 143–158 (2010).
5.
Bogdanov A., Lee C.H.: Homomorphic encryption from codes. ArXiv:1111.4301. This paper was accepted for publication in the proceedings of the 44th ACM Symposium on Theory of Computing (STOC). The authors withdrew their paper after they learned that their scheme was threatened (2011).
6.
Bosma W., Cannon J.J., Playoust Catherine: The Magma algebra system. I: the user language. J. Symb. Comput. 24(3/4), 235–265 (1997).
7.
Brakerski Z.: When homomorphism becomes a liability. In: TCC, pp. 143–161 (2013).
8.
Cascudo I., Chen H., Cramer R., Xing C.: Asymptotically good ideal linear secret sharing with strong multiplication over any fixed finite field. In: Halevi S. (ed.) Advances in Cryptology: CRYPTO 2009. Lecture Notes in Computer Science, vol. 5677, pp. 466–486. Springer, Berlin (2009).
9.
Cascudo I., Cramer R., Xing C.: The torsion-limit for algebraic function fields and its application to arithmetic secret sharing. In: Rogaway P. (ed.) Advances in Cryptology: CRYPTO 2011. Lecture Notes in Computer Science, vol. 6841, pp. 685–705. Springer, Berlin (2011).
10.
Chizhov I.V., Bordodin M.A.: The failure of McEliece PKC based on Reed–Muller codes. Cryptology ePrint Archive, Report 2013/287 (2013).
11.
Couvreur A., Otmani A., Tillich J.P.: Polynomial time attack on wild McEliece over quadratic extensions. In: EUROCRYPT (2014) (To appear).
12.
Faugère J.-C., Gauthier V., Otmani A., Perret L., Tillich J.-P.: A distinguisher for high rate McEliece cryptosystems. In: Proceedings of the Information Theory Workshop 2011, ITW 2011, Paraty, Brasil, pp. 282–286 (2011).
13.
Faugère J.-C., Gauthier-Umaña V., Otmani A., Perret L., Tillich J.-P.: A distinguisher for high-rate McEliece cryptosystems. IEEE Trans. Inf. Theory, 59(10), 6830–6844 (2013).
14.
Faure C., Minder L.: Cryptanalysis of the McEliece cryptosystem over hyperelliptic curves. In: Proceedings of the Eleventh International Workshop on Algebraic and Combinatorial Coding Theory, Pamporovo, Bulgaria, pp. 99–107 (2008).
15.
16.
Gibson J.: Equivalent Goppa codes and trapdoors to McEliece’s public key cryptosystem. In: Davies D. (ed.) Advances in Cryptology: EUROCRYPT 91. Lecture Notes in Computer Science, vol. 547, pp. 517–521. Springer, Berlin (1991).
17.
Huffman W.C., Pless V.: Fundamentals of Error-Correcting Codes. Cambridge University Press, Cambridge (2003).
18.
Kötter R.: A unified description of an error locating procedure for linear codes. In: Proceedings of the Algebraic and Combinatorial Coding Theory, Voneshta Voda, pp. 113–117 (1992).
19.
Loidreau P., Sendrier N.: Weak keys in the McEliece public-key cryptosystem. IEEE Trans. Inf. Theory 47(3), 1207–1211 (2001).
20.
Márquez-Corbella I., Martínez-Moro E., Pellikaan R.: Evaluation of public-key cryptosystems based on algebraic geometry codes. In: Borges J., Villanueva M. (eds.) Proceedings of the Third International Castle Meeting on Coding Theory and Applications, Barcelona, pp. 199–204 (2011).
21.
Márquez-Corbella I., Martínez-Moro E., Pellikaan R.: The non-gap sequence of a subcode of a generalized Reed–Solomon code. In: Finiasz M., Sendrier N., Charpin P., Otmani A. (eds.) Proceedings of the 7th International Workshop on Coding and Cryptography WCC 2011, Paris, pp. 183–193 (2011).
22.
Márquez-Corbella I., Martínez-Moro E., Pellikaan R.: The non-gap sequence of a subcode of a generalized Reed–Solomon code. Des. Codes Cryptogr. 66, 1–17 (2012).
23.
Márquez-Corbella, I., Martínez-Moro, E., Pellikaan, R.: On the unique representation of very strong algebraic geometry codes. Des. Codes Cryptogr. 70, 1–16 (2012).
24.
Márquez-Corbella I., Pellikaan R.: Error-correcting pairs for a public-key cryptosystem (2012) (preprint).
25.
MacWilliams F.J., Sloane N.J.A.: The Theory of Error-Correcting Codes, 5th edn. North-Holland, Amsterdam (1986).
26.
McEliece R.J.: A public-key system based on algebraic coding theory, pp. 114–116. Jet Propulsion Lab, DSN Progress, Report 44 (1978).
27.
Minder L., Shokrollahi A.: Cryptanalysis of the sidelnikov cryptosystem. In: EUROCRYPT 2007, Barcelona. Lecture Notes in Computer Science, vol. 4515, pp. 347–360 (2007).
28.
Niederreiter H.: Knapsack-type cryptosystems and algebraic coding theory. Probl. Control Inf. Theory 15(2), 159–166 (1986).
29.
Pellikaan R.: On decoding by error location and dependent sets of error positions. Discret. Math. 106–107, 368–381 (1992).
30.
Sidelnikov V.M.: A public-key cryptosystem based on Reed–Muller codes. Discret. Math. Appl. 4(3), 191–207 (1994).
31.
Sidelnikov V.M., Shestakov S.O.: On the insecurity of cryptosystems based on generalized Reed–Solomon codes. Discret. Math. Appl. 1(4), 439–444 (1992).
32.
Wieschebrink C.: Two NP-complete problems in coding theory with an application in code based cryptography. In: IEEE International Symposium on Information Theory, pp. 1733–1737 (2006).
33.
Wieschebrink C.: Cryptanalysis of the Niederreiter public key scheme based on GRS subcodes. In: Sendrier N. (ed.) Post-Quantum Cryptography, Third International Workshop, PQCrypto 2010. Lecture Notes in Computer Science, vol. 6061, pp. 61–72. Springer, Darmstadt (2010).
Metadaten
Titel
Distinguisher-based attacks on public-key cryptosystems using Reed–Solomon codes
verfasst von
Alain Couvreur
Philippe Gaborit
Valérie Gauthier-Umaña
Ayoub Otmani
Jean-Pierre Tillich
Publikationsdatum
01.11.2014
Verlag
Springer US
Erschienen in
Designs, Codes and Cryptography / Ausgabe 2/2014
Print ISSN: 0925-1022
Elektronische ISSN: 1573-7586
DOI
https://doi.org/10.1007/s10623-014-9967-z

Weitere Artikel der Ausgabe 2/2014

Designs, Codes and Cryptography 2/2014 Zur Ausgabe

OriginalPaper

Generation of full cycles by a composition of NLFSRs

OriginalPaper

A matrix approach for constructing quadratic APN functions

OriginalPaper

Connections between Construction D and related constructions of lattices

OriginalPaper

Small secret exponent attack on RSA variant with modulus

OriginalPaper

Linear covering codes and error-correcting codes for limited-magnitude errors

OriginalPaper

Wiretap lattice codes from number fields with no small norm elements

Premium Partner

    Bildnachweise