Improved Quantum Information Set Decoding

  • Elena Kirshanova
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10786)


In this paper we present quantum information set decoding (ISD) algorithms for binary linear codes. First, we refine the analysis of the quantum-walk-based algorithms proposed by Kachigar and Tillich (PQCrypto’17). This refinement allows us to improve the running time of quantum decoding in the leading-order term: for an n-dimensional binary linear code, the complexity of the May-Meurer-Thomae ISD algorithm (Asiacrypt’11) drops from \(2^{0.05904n + o(n)}\) to \(2^{0.05806n+o(n)}\). A similar improvement is achieved for our quantum version of the Becker-Joux-May-Meurer (Eurocrypt’12) decoding algorithm. Second, we translate the May-Ozerov Near Neighbour technique (Eurocrypt’15) into an ‘update-and-query’ language more common in the similarity search literature. This re-interpretation allows us to combine Near Neighbour search with the quantum walk framework and use both techniques to improve a quantum version of Dumer’s ISD algorithm: the running time goes down from \(2^{0.059962n+o(n)}\) to \(2^{0.059450n+o(n)}\).


Keywords: Information set decoding, Quantum walk, Near Neighbour



The author thanks Alexander May for enlightening discussions and suggestions. This work is supported by ERC Starting Grant ERC-2013-StG-335086-LATTAC.


  1. [Amb04]
    Ambainis, A.: Quantum walk algorithm for element distinctness. In: FOCS, pp. 210–239 (2004)
  2. [BCA89]
    Brouwer, A.E., Cohen, A.M., Neumaier, A.: Distance-Regular Graphs. Springer, Heidelberg (1989)
  3. [BDGL16]
    Becker, A., Ducas, L., Gama, N., Laarhoven, T.: New directions in nearest neighbor searching with applications to lattice sieving. In: SODA 2016, pp. 10–24 (2016)
  4. [Ber10]
    Bernstein, D.J.: Grover vs. McEliece. In: Sendrier, N. (ed.) PQCrypto 2010. LNCS, vol. 6061, pp. 73–80. Springer, Heidelberg (2010)
  5. [BJLM13]
    Bernstein, D.J., Jeffery, S., Lange, T., Meurer, A.: Quantum algorithms for the subset-sum problem. In: Gaborit, P. (ed.) PQCrypto 2013. LNCS, vol. 7932, pp. 16–33. Springer, Heidelberg (2013)
  6. [BJMM12]
    Becker, A., Joux, A., May, A., Meurer, A.: Decoding random binary linear codes in \(2^{n/20}\): how 1 + 1 = 0 improves information set decoding. In: Pointcheval, D., Johansson, T. (eds.) EUROCRYPT 2012. LNCS, vol. 7237, pp. 520–536. Springer, Heidelberg (2012)
  7. [BM17]
    Both, L., May, A.: Optimizing BJMM with nearest neighbors: full decoding in \({2^{2 n/21}}\) and McEliece security. In: The Tenth International Workshop on Coding and Cryptography (2017)
  8. [CE05]
    Childs, A.M., Eisenberg, J.M.: Quantum algorithms for subset finding. Quantum Inf. Comput. 5(7), 593–604 (2005)
  9. [Chr17]
    Christiani, T.: A framework for similarity search with space-time tradeoffs using locality-sensitive filtering. In: SODA, pp. 31–46 (2017)
  10. [Dum91]
    Dumer, I.: On minimum distance decoding of linear codes. In: Proceedings of the 5th Joint Soviet-Swedish International Workshop on Information Theory, pp. 50–52 (1991)
  11. [IM98]
    Indyk, P., Motwani, R.: Approximate nearest neighbors: towards removing the curse of dimensionality. In: Proceedings of the Thirtieth Annual ACM Symposium on Theory of Computing, pp. 604–613 (1998)
  12. [Kir18]
    Kirshanova, E.: Improved quantum information set decoding (2018).
  13. [KT17]
    Kachigar, G., Tillich, J.-P.: Quantum information set decoding algorithms. In: Lange, T., Takagi, T. (eds.) PQCrypto 2017. LNCS, vol. 10346, pp. 69–89. Springer, Cham (2017)
  14. [Laa15]
    Laarhoven, T.: Tradeoffs for nearest neighbors on the sphere. CoRR, abs/1511.07527 (2015)
  15. [McE78]
    McEliece, R.J.: A public-key cryptosystem based on algebraic coding theory. In: Deep Space Network Progress Report, pp. 114–116 (1978)
  16. [MMT11]
    May, A., Meurer, A., Thomae, E.: Decoding random linear codes in \(\tilde{\cal{O}}(2^{0.054n})\). In: Lee, D.H., Wang, X. (eds.) ASIACRYPT 2011. LNCS, vol. 7073, pp. 107–124. Springer, Heidelberg (2011)
  17. [MNRS11]
    Magniez, F., Nayak, A., Roland, J., Santha, M.: Search via quantum walk. SIAM J. Comput. 40(1), 142–164 (2011)
  18. [MO15]
    May, A., Ozerov, I.: On computing nearest neighbors with applications to decoding of binary linear codes. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9056, pp. 203–228. Springer, Heidelberg (2015)
  19. [Pra62]
    Prange, E.: The use of information sets in decoding cyclic codes. IRE Trans. Inf. Theory 6, 5–9 (1962)
  20. [SS81]
    Schroeppel, R., Shamir, A.: A \({T}={O}(2^{n/2})\), \({S}={O}(2^{n/4})\) algorithm for certain NP-complete problems. SIAM J. Comput. 10, 456–464 (1981)
  21. [Ste89]
    Stern, J.: A method for finding codewords of small weight. In: Cohen, G., Wolfmann, J. (eds.) Coding Theory 1988. LNCS, vol. 388, pp. 106–113. Springer, Heidelberg (1989)

Copyright information

© Springer International Publishing AG, part of Springer Nature 2018

Authors and Affiliations

  1. Laboratoire LIP, ENS de Lyon, Lyon, France
