Abstract
This paper presents a simplified list-decoding algorithm to correct any number \(w\) of errors in any alternant code of any length \(n\) with any designed distance \(t+1\) over any finite field \(\mathbb{F}_q\); in particular, in the classical Goppa codes used in the McEliece and Niederreiter public-key cryptosystems. The algorithm is efficient for \(w\) close to, and in many cases slightly beyond, the \(\mathbb{F}_q\) Johnson bound \(J'=n'-\sqrt{n'(n'-t-1)}\) where \(n'=n(q-1)/q\), assuming \(t+1\le n'\). In the typical case that \(qn/t\in(\lg n)^{O(1)}\) and that the parent field has \((\lg n)^{O(1)}\) bits, the algorithm uses \(n(\lg n)^{O(1)}\) bit operations for \(w\le J'-n/(\lg n)^{O(1)}\); \(O(n^{4.5})\) bit operations for \(w\le J'+o((\lg n)/\lg\lg n)\); and \(n^{O(1)}\) bit operations for \(w\le J'+O((\lg n)/\lg\lg n)\).
© 2011 Springer-Verlag Berlin Heidelberg
Cite this paper
Bernstein, D.J. (2011). Simplified High-Speed High-Distance List Decoding for Alternant Codes. In: Yang, BY. (eds) Post-Quantum Cryptography. PQCrypto 2011. Lecture Notes in Computer Science, vol 7071. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-25405-5_13
DOI: https://doi.org/10.1007/978-3-642-25405-5_13
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-25404-8
Online ISBN: 978-3-642-25405-5