Analysis of Information Set Decoding for a Sub-linear Error Weight

Abstract : The security of code-based cryptography is strongly related to the hardness of generic decoding of linear codes. The best known generic decoding algorithms all derive from the Information Set Decoding algorithm proposed by Prange in 1962. When the number of errors w is sub-linear, w = o(n), the cost of all ISD variants has the form 2^{cw(1+o(1))}. We prove here that the constant c only depends of the code rate k=n and is the same for recent known ISD variants, including the fifty years old Prange algorithm. The most promising variants of McEliece encryption scheme use either Goppa codes, with w = O(n/ log(n)), or MDPC codes, with w = O(n^{1/2}). Our result means that, in those cases, when we scale up the system parameters, the improvement of the latest variants of ISD become less and less signi cant.
Complete list of metadatas

Cited literature [15 references]  Display  Hide  Download

https://hal.inria.fr/hal-01244886
Contributor : Rodolfo Canto Torres <>
Submitted on : Wednesday, March 16, 2016 - 2:21:14 PM
Last modification on : Thursday, April 26, 2018 - 10:28:12 AM
Long-term archiving on : Friday, June 17, 2016 - 10:38:37 AM

File

sublinearISD.pdf
Files produced by the author(s)

Identifiers

  • HAL Id : hal-01244886, version 2

Collections

Citation

Rodolfo Canto Torres, Nicolas Sendrier. Analysis of Information Set Decoding for a Sub-linear Error Weight. Post-Quantum Cryptography - PQCrypto 2016, Feb 2016, Fukuoka, Japan. ⟨hal-01244886v2⟩

Share

Metrics

Record views

467

Files downloads

877