Recent Progress in Code-Based Cryptography

  • Pierre-Louis Cayrel
  • Sidi Mohamed El Yousfi Alaoui
  • Gerhard Hoffmann
  • Mohammed Meziani
  • Robert Niebuhr
Conference paper
Part of the Communications in Computer and Information Science book series (CCIS, volume 200)

Abstract

The last three years have witnessed tremendous progress in the understanding of code-based cryptography. One of its most promising applications is the design of cryptographic schemes with exceptionally strong security guarantees and other desirable properties. In contrast to number-theoretic problems typically used in cryptography, the underlying problems have so far resisted subexponential time attacks as well as quantum algorithms. This paper will survey the more recent developments.

Keywords

Post-quantum cryptography; coding-based cryptography; encryption; digital signatures; identification; secret-key

Copyright information

© Springer-Verlag Berlin Heidelberg 2011

Authors and Affiliations

  • Pierre-Louis Cayrel (1)
  • Sidi Mohamed El Yousfi Alaoui (1)
  • Gerhard Hoffmann (1)
  • Mohammed Meziani (1)
  • Robert Niebuhr (1)

  1. CASED – Center for Advanced Security Research Darmstadt, Darmstadt, Germany
