A New Rank Metric Codes Based Encryption Scheme

Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10346)


We design a new McEliece-like rank metric based encryption scheme from Gabidulin codes. We explain why it is not affected by the invariant subspace attacks also known as Overbeck’s attacks. The idea of the design mixes two existing approaches designing rank metric based encryption schemes. For a given security our public-keys are more compact than for the same security in the Hamming metric based settings.


Encryption Scheme Dimensional Vector Space Random Code Decode Complexity Goppa Code 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.



The author expresses deep thanks to Alain Couvreur who pointed out the existence of a straightforward distinguisher if the parameters are not carefully chosen. The proposed parameters avoid the problem.

The author also wishes to thank the reviewers who made constructive comments to improve the quality of the paper and pointed out mistakes and misses in the original submission.


  1. [AB315]
    Initial recommendations of long-term secure post-quantum systems, Technical report (2015).
  2. [BBC+16]
    Baldi, M., Bianchi, M., Chiaraluce, F., Rosenthal, J., Schipani, D.: Enhanced public key security for the mceliece cryptosystem. J. Cryptol. 29(1), 1–27 (2016)MathSciNetCrossRefzbMATHGoogle Scholar
  3. [Ber10]
    Bernstein, D.J.: Grover vs. McEliece. In: Sendrier, N. (ed.) PQCrypto 2010. LNCS, vol. 6061, pp. 73–80. Springer, Heidelberg (2010). doi: 10.1007/978-3-642-12929-2_6 CrossRefGoogle Scholar
  4. [BJMM12]
    Becker, A., Joux, A., May, A., Meurer, A.: Decoding random binary linear codes in 2n/20: how \(1+1=0\) improves information set decoding. In: Pointcheval, D., Johansson, T. (eds.) EUROCRYPT 2012. LNCS, vol. 7237, pp. 520–536. Springer, Heidelberg (2012). doi: 10.1007/978-3-642-29011-4_31 CrossRefGoogle Scholar
  5. [BL04]
    Berger, T., Loidreau, P.: Designing an efficient and secure public-key cryptosystem based on reducible rank codes. In: Canteaut, A., Viswanathan, K. (eds.) INDOCRYPT 2004. LNCS, vol. 3348, pp. 218–229. Springer, Heidelberg (2004). doi: 10.1007/978-3-540-30556-9_18 CrossRefGoogle Scholar
  6. [BLP11]
    Bernstein, D.J., Lange, T., Peters, C.: Smaller decoding exponents: ball-collision decoding. In: Rogaway, P. (ed.) CRYPTO 2011. LNCS, vol. 6841, pp. 743–760. Springer, Heidelberg (2011). doi: 10.1007/978-3-642-22792-9_42 CrossRefGoogle Scholar
  7. [COTG15]
    Couvreur, A., Otmani, A., Tillich, J.-P., Gauthier–Umaña, V.: A polynomial-time attack on the BBCRS scheme. In: Katz, J. (ed.) PKC 2015. LNCS, vol. 9020, pp. 175–193. Springer, Heidelberg (2015). doi: 10.1007/978-3-662-46447-2_8 Google Scholar
  8. [Cou01]
    Courtois, N.T.: Efficient zero-knowledge authentication based on a linear algebra problem MinRank. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 402–421. Springer, Heidelberg (2001). doi: 10.1007/3-540-45682-1_24 CrossRefGoogle Scholar
  9. [CS96]
    Chabaud, F., Stern, J.: The cryptographic security of the syndrome decoding problem for rank distance codes. In: Kim, K., Matsumoto, T. (eds.) ASIACRYPT 1996. LNCS, vol. 1163, pp. 368–381. Springer, Heidelberg (1996). doi: 10.1007/BFb0034862 CrossRefGoogle Scholar
  10. [CTS16]
    Canto Torres, R., Sendrier, N.: Analysis of information set decoding for a sub-linear error weight. In: Takagi, T. (ed.) PQCrypto 2016. LNCS, vol. 9606, pp. 144–161. Springer, Cham (2016). doi: 10.1007/978-3-319-29360-8_10 CrossRefGoogle Scholar
  11. [Gab85]
    Gabidulin, E.M.: Theory of codes with maximum rank distance. Probl. Inf. Transm. 21(1), 3–16 (1985)MathSciNetzbMATHGoogle Scholar
  12. [Gab08]
    Gabidulin, E.M.: Attacks and counter-attacks on the GPT public key cryptosystem. Des. Codes Cryptogr. 48(2), 171–177 (2008)MathSciNetCrossRefzbMATHGoogle Scholar
  13. [GHT16]
    Gaborit, P., Hauteville, A., Tillich, J.-P.: RankSynd a PRNG based on rank metric. In: Takagi, T. (ed.) PQCrypto 2016. LNCS, vol. 9606, pp. 18–28. Springer, Cham (2016). doi: 10.1007/978-3-319-29360-8_2 CrossRefGoogle Scholar
  14. [Gib95]
    Gibson, K.: Severely denting the Gabidulin version of the McEliece public key cryptosystem. Des. Codes Cryptogr. 6(1), 37–45 (1995)MathSciNetCrossRefzbMATHGoogle Scholar
  15. [Gib96]
    Gibson, K.: The security of the Gabidulin public key cryptosystem. In: Maurer, U. (ed.) EUROCRYPT 1996. LNCS, vol. 1070, pp. 212–223. Springer, Heidelberg (1996). doi: 10.1007/3-540-68339-9_19 CrossRefGoogle Scholar
  16. [GL08]
    Gabidulin, E.M., Loidreau, P.: Properties of subspace subcodes of Gabidulin codes. Adv. Math. Commun. 2(2), 147–157 (2008)MathSciNetCrossRefzbMATHGoogle Scholar
  17. [GMRZ13]
    Gaborit, P., Murat, G., Ruatta, O., Zémor, G.: Low rank parity check codes and their application to cryptography. In: Proceedings of the Workshop on Coding and Cryptography, WCC 2013, Bergen, Norway (2013).
  18. [GPT91]
    Gabidulin, E.M., Paramonov, A.V., Tretjakov, O.V.: Ideals over a non-commutative ring and their application in cryptology. In: Davies, D.W. (ed.) EUROCRYPT 1991. LNCS, vol. 547, pp. 482–489. Springer, Heidelberg (1991). doi: 10.1007/3-540-46416-6_41 CrossRefGoogle Scholar
  19. [GRH09]
    Gabidulin, E., Rashwan, H., Honary, B.: On improving security of GPT cryptosystems. In: Proceedings of IEEE International Symposium on Information Theory - ISIT 2009, pp. 1110–1114 (2009)Google Scholar
  20. [GRS16]
    Gaborit, P., Ruatta, O., Schrek, J.: On the complexity of the rank syndrome decoding problem. IEEE Trans. Inf. Theory 62(2), 1006–1019 (2016)MathSciNetCrossRefzbMATHGoogle Scholar
  21. [GRSZ14]
    Gaborit, P., Ruatta, O., Schrek, J., Zémor, G.: New results for rank-based cryptography. In: Pointcheval, D., Vergnaud, D. (eds.) AFRICACRYPT 2014. LNCS, vol. 8469, pp. 1–12. Springer, Cham (2014). doi: 10.1007/978-3-319-06734-6_1 CrossRefGoogle Scholar
  22. [GSJ16]
    Guo, Q., Johansson, T., Stankovski, P.: A key recovery attack on MDPC with CCA security using decoding errors. In: Cheon, J.H., Takagi, T. (eds.) ASIACRYPT 2016. LNCS, vol. 10031, pp. 789–815. Springer, Heidelberg (2016). doi: 10.1007/978-3-662-53887-6_29 CrossRefGoogle Scholar
  23. [GZ14]
    Gaborit, P., Zémor, G.: On the hardness of the decoding and the minimum distance problems for rank codes, CoRR abs/1404.3482 (2014)Google Scholar
  24. [KI01]
    Kobara, K., Imai, H.: Semantically secure McEliece public-key cryptosystems-conversions for McEliece PKC. In: Kim, K. (ed.) PKC 2001. LNCS, vol. 1992, pp. 19–35. Springer, Heidelberg (2001). doi: 10.1007/3-540-44586-2_2 CrossRefGoogle Scholar
  25. [Ksh07]
    Kshevetskiy, A.: Security of GPT-like public-key cryptosystems based on linear rank codes. In: 3rd International Workshop on Signal Design and Its Applications in Communications, IWSDA 2007 (2007)Google Scholar
  26. [Loi14]
    Loidreau, P.: Asymptotic behaviour of codes in rank metric over finite fields. Des. Codes Cryptogr. 71(1), 105–118 (2014)MathSciNetCrossRefzbMATHGoogle Scholar
  27. [McE78]
    McEliece, R.J.: A public-key system based on algebraic coding theory, pp. 114–116, Jet Propulsion Lab, DSN Progress Report 44 (1978)Google Scholar
  28. [MO15]
    May, A., Ozerov, I.: On computing nearest neighbors with applications to decoding of binary linear codes. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9056, pp. 203–228. Springer, Heidelberg (2015). doi: 10.1007/978-3-662-46800-5_9 Google Scholar
  29. [MTSB12]
    Misoczki, R., Tillich, J.-P., Sendrier, N., Barreto, P.S.L.M.: MDPC-McEliece: new McEliece variants from moderate density parity-check codes, IACR Cryptology ePrint Archive, Report 2012/409 (2012)Google Scholar
  30. [OJ02]
    Ourivski, A.V., Johansson, T.: New technique for decoding codes in the rank metric and its cryptography applications. Probl. Inf. Transm. 38(3), 237–246 (2002). (English)MathSciNetCrossRefzbMATHGoogle Scholar
  31. [OKN16]
    Otmani, A., Kalashi, H.T., Ndjeya, S.: Improved cryptanalysis of rank metric schemes based on Gabidulin codes (2016).
  32. [Ove05]
    Overbeck, R.: A new structural attack for GPT and variants. In: Dawson, E., Vaudenay, S. (eds.) Mycrypt 2005. LNCS, vol. 3715, pp. 50–63. Springer, Heidelberg (2005). doi: 10.1007/11554868_5 CrossRefGoogle Scholar
  33. [Pra62]
    Prange, E.: The use of information sets in decoding cyclic codes. IRE Trans. Inf. Theory 8(5), 5–9 (1962)MathSciNetCrossRefGoogle Scholar
  34. [RGH10]
    Rashwan, H., Gabidulin, E.M., Honary, B.: A smart approach for GPT cryptosystem based on rank codes. In: Proceedings of IEEE International Symposium on Information Theory - ISIT 2010, pp. 2463–2467 (2010)Google Scholar

Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  1. 1.DGA MI and Université de Rennes 1RennesFrance

Personalised recommendations