Decoding Random Linear Codes in $\tilde{\mathcal{O}}(2^{0.054n})$

Purchase on

$29.95 / €24.95 / £19.95*

* Final gross prices may vary according to local VAT.

Get Access


Decoding random linear codes is a fundamental problem in complexity theory and lies at the heart of almost all code-based cryptography. The best attacks on the most prominent code-based cryptosystems such as McEliece directly use decoding algorithms for linear codes. The asymptotically best decoding algorithm for random linear codes of length n was for a long time Stern’s variant of information-set decoding running in time $\tilde{\mathcal{O}}\left(2^{0.05563n}\right)$ . Recently, Bernstein, Lange and Peters proposed a new technique called Ball-collision decoding which offers a speed-up over Stern’s algorithm by improving the running time to $\tilde{\mathcal{O}}\left(2^{0.05558n}\right)$ .

In this paper, we present a new algorithm for decoding linear codes that is inspired by a representation technique due to Howgrave-Graham and Joux in the context of subset sum algorithms. Our decoding algorithm offers a rigorous complexity analysis for random linear codes and brings the time complexity down to $\tilde{\mathcal{O}}\left(2^{0.05363n}\right)$ .