Distinguisher-based attacks on public-key cryptosystems using Reed-Solomon codes

Alain Couvreur, Philippe Gaborit, Valérie Gauthier-Umaña, Ayoub Otmani, Jean Pierre Tillich

Resultado de la investigación: Contribución a una revistaArtículorevisión exhaustiva

41 Citas (Scopus)

Resumen

Because of their interesting algebraic properties, several authors promote the use of generalized Reed-Solomon codes in cryptography. Niederreiter was the first to suggest an instantiation of his cryptosystem with them but Sidelnikov and Shestakov showed that this choice is insecure. Wieschebrink proposed a variant of the McEliece cryptosystem which consists in concatenating a few random columns to a generator matrix of a secretly chosen generalized Reed-Solomon code. More recently, new schemes appeared which are the homomorphic encryption scheme proposed by Bogdanov and Lee, and a variation of the McEliece cryptosystem proposed by Baldi et al. which hides the generalized Reed-Solomon code by means of matrices of very low rank. In this work, we show how to mount key-recovery attacks against these public-key encryption schemes. We use the concept of distinguisher which aims at detecting a behavior different from the one that one would expect from a random code. All the distinguishers we have built are based on the notion of component-wise product of codes. It results in a powerful tool that is able to recover the secret structure of codes when they are derived from generalized Reed-Solomon codes. Lastly, we give an alternative to Sidelnikov and Shestakov attack by building a filtration which enables to completely recover the support and the non-zero scalars defining the secret generalized Reed-Solomon code.

Idioma originalInglés estadounidense
Páginas (desde-hasta)641-666
Número de páginas26
PublicaciónDesigns, Codes, and Cryptography
Volumen73
N.º2
DOI
EstadoPublicada - nov 2014

All Science Journal Classification (ASJC) codes

  • Informática aplicada
  • Matemáticas aplicadas

Huella

Profundice en los temas de investigación de 'Distinguisher-based attacks on public-key cryptosystems using Reed-Solomon codes'. En conjunto forman una huella única.

Citar esto