Chapter

Advances in Cryptology – EUROCRYPT 2012

Volume 7237 of the series Lecture Notes in Computer Science pp 520-536

Decoding Random Binary Linear Codes in 2 n/20: How 1 + 1 = 0 Improves Information Set Decoding

  • Anja BeckerAffiliated withLaboratoire PRISM, Université de Versailles Saint-Quentin
  • , Antoine JouxAffiliated withLaboratoire PRISM, Université de Versailles Saint-QuentinDGA
  • , Alexander MayAffiliated withHorst Görtz Institute for IT-Security, Ruhr-University Bochum
  • , Alexander MeurerAffiliated withHorst Görtz Institute for IT-Security, Ruhr-University Bochum

Abstract

Decoding random linear codes is a well studied problem with many applications in complexity theory and cryptography. The security of almost all coding and LPN/LWE-based schemes relies on the assumption that it is hard to decode random linear codes. Recently, there has been progress in improving the running time of the best decoding algorithms for binary random codes. The ball collision technique of Bernstein, Lange and Peters lowered the complexity of Stern’s information set decoding algorithm to 20.0556n . Using representations this bound was improved to 20.0537n by May, Meurer and Thomae. We show how to further increase the number of representations and propose a new information set decoding algorithm with running time 20.0494n .

Keywords

Information Set Decoding Representation Technique