Résultants de polynômes de Ore et Cryptosystèmes de McEliece sur des Codes Rang faiblement structurés. (Resultants of Ore polynomials and McEliece Cryptosystems based on weakly structured Rank Codes)
Abstract
Weakly Structured Error Correcting Codes in Rank Metric and their Application to Cryptography

The most commonly used encryption techniques in cryptography are based on problems in number theory. Despite their efficiency, they are vulnerable to attacks by quantum computers, so it is relevant to study other types of cryptosystems. In this work we study cryptosystems based on error-correcting codes, introduced by McEliece in 1978 [McEl]; being based on hard problems in coding theory, these cryptosystems do not have this weakness. However, they are almost never used in practice because they are vulnerable to structural attacks and require very large keys. Recently [Mis], [MTSB] a new family of codes, the MDPC codes, was introduced together with a cryptosystem based on them. MDPC codes appear to be distinguishable only by finding low-weight words in their dual, which protects them from structural attacks. Furthermore, they allow compact keys through the use of quasi-cyclic matrices. In the present work we use the rank metric, a metric for codes introduced by Gabidulin in [Gab1] that seems well suited to cryptographic use:

• First we study Ore polynomials [Ore1] and the special case of q-polynomials [Ore2], the latter being built from iterates of the Frobenius automorphism of a finite field. These polynomials are widely used in rank metric because the first rank-metric code-based cryptosystems rely on them. We reformulate already known results and give new results on the computation of the GCD, resultant and subresultants of two Ore polynomials (and also of ordinary polynomials, for which we generalise the resultant computation to subresultants) using a right-hand multiplication matrix that is smaller than the well-known Sylvester matrix. These results may be reused in the cryptosystem introduced in the following chapters, although that cryptosystem is not based on q-polynomials.
• In the next part of our work we define LRPC codes (Low Rank Parity Check codes), a new family of codes in rank metric. These codes have a parity check matrix of low rank weight, and can thus be seen as the rank-metric analogue of LDPC or MDPC codes. We present the LRPC cryptosystem, a McEliece cryptosystem in rank metric based on LRPC codes. These codes are weakly structured and are therefore likely to resist structural attacks. Choosing a double-circulant parity check matrix greatly reduces the key size (we call these particular codes DC-LRPC codes). The DC-LRPC cryptosystem thus offers good security (being based on a hard problem in coding theory), is weakly structured, has small public keys and decodes quickly. An attack on the DC-LRPC cryptosystem has been found. It relies on folded codes and may greatly lower the security of the cryptosystem, but it works only when the polynomial $X^{n-1} + X^{n-2} + \cdots + X + 1$ (with $n$ the size of the circulant blocks) has a divisor of large degree. We give parameters for which the cryptosystem remains secure.
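As an added worked example for the two points above (this is not code from the thesis, and it uses plain right Euclidean division rather than the thesis' right-multiplication-matrix method for resultants), the following Python builds GF(2^8) from an assumed modulus, implements the Ore ring F[X; σ] with σ the Frobenius (so the powers of X are q-polynomials), computes right division and the greatest common right divisor, and then checks the rank-metric fact that LRPC decoding rests on: the syndrome of an error of rank weight r through a parity check matrix whose entries lie in a space F of dimension d has all its coordinates in the product space E·F of dimension at most r·d. The modulus, the spaces F and E, the matrix H and the error e are constructed for illustration.

```python
"""Ore polynomials over GF(2^8) with the Frobenius twist, and the rank metric.

Added example; not code from the thesis. Assumptions: q = 2, GF(2^8) is built
from the (assumed) modulus x^8 + x^4 + x^3 + x + 1, sigma is a -> a^2, and the
Ore ring is F[X; sigma] with the commutation rule X * a = sigma(a) * X.
"""
from functools import reduce
from operator import xor

M = 8
MODULUS = 0x11B   # x^8 + x^4 + x^3 + x + 1, irreducible over GF(2)


def gf_mul(a, b):
    """Multiply two GF(2^M) elements (ints holding the coefficient bits)."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        b >>= 1
        a <<= 1
        if a >> M:
            a ^= MODULUS
    return r


def gf_inv(a):
    """a^(2^M - 2) = a^-1 by square-and-multiply; a must be non-zero."""
    assert a != 0, "zero has no inverse"
    r, e = 1, (1 << M) - 2
    while e:
        if e & 1:
            r = gf_mul(r, a)
        a, e = gf_mul(a, a), e >> 1
    return r


def frob(a, k=1):
    """sigma^k(a) = a^(2^k): the k-th iterate of the Frobenius automorphism."""
    for _ in range(k % M):
        a = gf_mul(a, a)
    return a


# An Ore polynomial is a list of coefficients, index = degree, no trailing zeros.
def sk_trim(p):
    while p and p[-1] == 0:
        p.pop()
    return p


def sk_add(p, q):
    """Sum (equals difference in characteristic 2) of two Ore polynomials."""
    n = max(len(p), len(q))
    return sk_trim([(p[i] if i < len(p) else 0) ^ (q[i] if i < len(q) else 0)
                    for i in range(n)])


def sk_mul(p, q):
    """Product in F[X; sigma]: X^i * b = sigma^i(b) * X^i twists the coefficients."""
    out = [0] * max(len(p) + len(q) - 1, 0)
    for i, a in enumerate(p):
        for j, b in enumerate(q):
            out[i + j] ^= gf_mul(a, frob(b, i))
    return sk_trim(out)


def sk_divmod_right(p, d):
    """Right division: (quot, rem) with p = quot * d + rem and deg rem < deg d."""
    d, r = sk_trim(list(d)), sk_trim(list(p))
    assert d, "division by zero"
    dd = len(d) - 1
    quot = [0] * max(len(r) - dd, 0)
    while r and len(r) - 1 >= dd:
        k = len(r) - 1 - dd
        # leading term of c*X^k*d is c*sigma^k(lead(d))*X^(k+dd); choose c to cancel it
        c = gf_mul(r[-1], gf_inv(frob(d[-1], k)))
        quot[k] = c
        r = sk_add(r, sk_mul([0] * k + [c], d))
    return sk_trim(quot), r


def sk_rgcd(p, q):
    """Greatest common right divisor by the right Euclidean algorithm, made monic."""
    a, b = sk_trim(list(p)), sk_trim(list(q))
    while b:
        a, b = b, sk_divmod_right(a, b)[1]
    inv = gf_inv(a[-1])
    return [gf_mul(inv, c) for c in a]


def rank_weight(vec):
    """Rank weight: dimension over GF(2) of the span of the coordinates."""
    pivots = {}                      # highest set bit -> basis vector
    for x in vec:
        while x:
            h = x.bit_length() - 1
            if h not in pivots:
                pivots[h] = x
                break
            x ^= pivots[h]
    return len(pivots)


def span(gens):
    """All GF(2)-linear combinations of the given field elements."""
    s = {0}
    for g in gens:
        s |= {x ^ g for x in s}
    return s


def lrpc_demo():
    """Entries of H in F (dim d = 2), error e with support E (rank weight r = 2):
    the syndrome H*e^T lies coordinate-wise in E.F, of dimension <= r*d = 4.
    H and e are constructed here, not parameters from the thesis."""
    F, E = [1, 2], [0x13, 0x5A]
    Ff, Ef = sorted(span(F)), sorted(span(E))
    n, rows = 7, 4
    H = [[Ff[(3 * i + j) % 4] for j in range(n)] for i in range(rows)]
    e = [Ef[(2 * j + 1) % 4] for j in range(n)]      # non-zero elements of E
    s = [reduce(xor, (gf_mul(h, x) for h, x in zip(row, e)), 0) for row in H]
    product_space = span([gf_mul(a, b) for a in E for b in F])
    return rank_weight(e), rank_weight(s), all(c in product_space for c in s)


if __name__ == "__main__":
    g = [2, 1]                                        # X + alpha
    print("gcrd((X+1)g, (X+a^2)g) =", sk_rgcd(sk_mul([1, 1], g), sk_mul([4, 1], g)))
    print("rank weight of e, of syndrome, syndrome in E.F:", lrpc_demo())
```

Because X + 1 and X + α² are distinct monic polynomials of degree 1 they have no common right factor, so the greatest common right divisor of (X + 1)·g and (X + α²)·g is g itself; the script recovers g = X + α exactly, which is the identity the resultant and subresultant computations in the thesis certify without running the Euclidean algorithm. In `lrpc_demo` the syndrome has at most 4 independent coordinates although it lives in GF(2^8): recovering E from that product space, once F is known, is what the LRPC decoder does.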
Similar resources
Error-correcting codes
Error-correcting codes must be distinguished from cryptography. Error-correcting codes serve to protect information against transmission or storage errors. In this text one can find, with precise bibliographic references, ideas for presentations or applications for several lessons on linear algebra or polynomials. (The titles of the lessons are those...
Distinguisher-based attacks on public-key cryptosystems using Reed-Solomon codes
The purpose of this paper is to demonstrate that a distinguisher of Reed-Solomon codes based on the square code construction leads to the cryptanalysis of several cryptosystems relying on them. These schemes are respectively (i) a homomorphic encryption scheme proposed by Bogdanov and Lee; (ii) a variation of the McEliece cryptosystem proposed by Baldi et al. which firstly uses Reed-Solomon code...
A CRT Algorithm for Constructing Genus 2 Curves over Finite Fields
— We present a new method for constructing genus 2 curves over a finite field Fn with a given number of points on its Jacobian. This method has important applications in cryptography, where groups of prime order are used as the basis for discrete-log based cryptosystems. Our algorithm provides an alternative to the traditional CM method for constructing genus 2 curves. For a quartic CM field K ...
Double Schubert polynomials for the classical Lie groups
For each infinite series of the classical Lie groups of type B, C or D, we introduce a family of polynomials parametrized by the elements of the corresponding Weyl group of infinite rank. These polynomials represent the Schubert classes in the equivariant cohomology of the corresponding flag variety. They satisfy a stability property, and are a natural extension of the (single) Schubert polynom...
Computational study on geometric and electronic properties of 3.6-carbazole based conjugated polymers
In this work, we present firstly a study based on the calculation of the local spin densities of radical cations, which is known as a good measure of reactivity for coupling reactions, to obtain a theoretical basis for the one-step formation of poly(3.6-carbazole) and derivatives. Then we detail a DFT theoretical study of the geometric and electronic properties of oligomers based on carbazole a...