Polynomial time attack on high rate random alternant codes

04/28/2023
by   Magali Bardet, et al.
0

A long standing open question is whether the distinguisher of high rate alternant codes or Goppa codes <cit.> can be turned into an algorithm recovering the algebraic structure of such codes from the mere knowledge of an arbitrary generator matrix of it. This would allow to break the McEliece scheme as soon as the code rate is large enough and would break all instances of the CFS signature scheme. We give for the first time a positive answer for this problem when the code is a generic alternant code and when the code field size q is small : q ∈{2,3} and for all regime of other parameters for which the aforementioned distinguisher works. This breakthrough has been obtained by two different ingredients : (i) a way of using code shortening and the component-wise product of codes to derive from the original alternant code a sequence of alternant codes of decreasing degree up to getting an alternant code of degree 3 (with a multiplier and support related to those of the original alternant code); (ii) an original Gröbner basis approach which takes into account the non standard constraints on the multiplier and support of an alternant code which recovers in polynomial time the relevant algebraic structure of an alternant code of degree 3 from the mere knowledge of a basis for it.

READ FULL TEXT

page 1

page 2

page 3

page 4

research
06/17/2023

A new approach based on quadratic forms to attack the McEliece cryptosystem

We bring in here a novel algebraic approach for attacking the McEliece c...
research
12/31/2021

Polynomial-Time Key Recovery Attack on the Lau-Tan Cryptosystem Based on Gabidulin Codes

This paper presents a key recovery attack on the cryptosystem proposed b...
research
02/29/2020

A new construction of Algebraic Geometry code using Trace function

In this note, we give a construction of Algebraic-Geometry codes on alge...
research
05/14/2018

An efficient structural attack on NIST submission DAGS

We present an efficient key recovery attack on code based encryption sch...
research
03/03/2018

Matrix-product structure of constacyclic codes over finite chain rings F_p^m[u]/〈 u^e〉

Let m,e be positive integers, p a prime number, F_p^m be a finite field ...
research
11/25/2021

On the dimension and structure of the square of the dual of a Goppa code

The Goppa Code Distinguishing (GD) problem asks to distinguish efficient...
research
04/07/2022

Multi-twisted codes as free modules over principal ideal domains

We begin this chapter by introducing the simple algebraic structure of c...

Please sign up or login with your details

Forgot password? Click here to reset