Decoding Supercodes of Gabidulin Codes and Applications to Cryptanalysis

Authors

Abstract

This article discusses the decoding of Gabidulin codes and shows how to extend the usual decoder to any supercode of a Gabidulin code at the cost of a significant decrease of the decoding radius. Using this decoder, we provide polynomial time attacks on the rank metric encryption schemes Ramesses and Liga.

Similar resources

On Transform–domain Decoding of Gabidulin Codes

Gabidulin codes are the rank metric analogues of Reed–Solomon codes and found many applications including network coding. Interleaving or the direct sum of Gabidulin codes allows both decreasing the redundancy and increasing the error correcting capability for network coding. In this paper, for Gabidulin codes we propose a transform–domain algorithm correcting both errors and erasures. We show ...

Bounds on List Decoding Gabidulin Codes

An open question about Gabidulin codes is whether polynomial-time list decoding beyond half the minimum distance is possible or not. In this contribution, we give a lower and an upper bound on the list size, i.e., the number of codewords in a ball around the received word. The lower bound shows that if the radius of this ball is greater than the Johnson radius, this list size can be exponential...

Decoding Interleaved Gabidulin Codes using Alekhnovich's Algorithm

We prove that Alekhnovich’s algorithm can be used for row reduction of skew polynomial matrices. This yields an O(ln log(n)) decoding algorithm for l-Interleaved Gabidulin codes of length n, where ω is the matrix multiplication exponent, improving in the exponent of n compared to previous results.

Improved Cryptanalysis of Rank Metric Schemes Based on Gabidulin Codes

We prove that any variant of the GPT cryptosystem which uses a right column scrambler over the extension field, as advocated by the works of Gabidulin et al. with the goal of resisting Overbeck’s structural attack, is actually still vulnerable to that attack. We show that by applying the Frobenius operator appropriately on the public key, it is possible to build a Gabidulin code having the same ...

Decoding Interleaved Gabidulin Codes and Ciphertext-Security for GPT variants

In this paper we view interleaved Gabidulin codes and describe how to correct errors up to a rank equal to the amount of redundancy of the code with high probability. We give a detailed proof for our estimation of the probability of correct decoding. In a second part, we view the application to variants of the GPT cryptosystem. For GGPT this leads to an efficient attack on the remaining secure ...

Journal

Journal title: Lecture Notes in Computer Science

Year: 2021

ISSN: 1611-3349, 0302-9743

DOI: https://doi.org/10.1007/978-3-030-81293-5_1