-
Bounds on Sphere Sizes in the Sum-Rank Metric and Coordinate-Additive Metrics
Authors:
Hugo Sauerbier Couvée,
Thomas Jerkovits,
Jessica Bariffi
Abstract:
This paper provides new bounds on the size of spheres in any coordinate-additive metric with a particular focus on improving existing bounds in the sum-rank metric. We derive improved upper and lower bounds based on the entropy of a distribution related to the Boltzmann distribution, which work for any coordinate-additive metric. Additionally, we derive new closed-form upper and lower bounds specifically for the sum-rank metric that outperform existing closed-form bounds.
Submitted 16 April, 2024;
originally announced April 2024.
-
Randomized Decoding of Linearized Reed-Solomon Codes Beyond the Unique Decoding Radius
Authors:
Thomas Jerkovits,
Hannes Bartz,
Antonia Wachter-Zeh
Abstract:
In this paper we address the problem of decoding linearized Reed-Solomon (LRS) codes beyond their unique decoding radius. We analyze the complexity in order to evaluate if the considered problem is of cryptographic relevance, i.e., can be used to design cryptosystems that are computationally hard to break. We show that our proposed algorithm improves over other generic algorithms that do not take into account the underlying code structure.
Submitted 7 June, 2023;
originally announced June 2023.
-
On Decoding High-Order Interleaved Sum-Rank-Metric Codes
Authors:
Thomas Jerkovits,
Felicitas Hörmann,
Hannes Bartz
Abstract:
We consider decoding of vertically homogeneous interleaved sum-rank-metric codes with high interleaving order $s$, that are constructed by stacking $s$ codewords of a single constituent code.
We propose a Metzner--Kapturowski-like decoding algorithm that can correct errors of sum-rank weight $t \leq d-2$, where $d$ is the minimum distance of the code, if the interleaving order $s > t$ and the error matrix fulfills a certain rank condition.
The proposed decoding algorithm generalizes the Metzner--Kapturowski(-like) decoders in the Hamming metric and the rank metric and has a computational complexity of $\tilde{O}(\max(n^3, n^2 s))$ operations in $\mathbb{F}_{q^m}$, where $n$ is the length of the code.
The scheme performs linear-algebraic operations only and thus works for any interleaved linear sum-rank-metric code.
We show how the decoder can be used to decode high-order interleaved codes in the skew metric.
Apart from error control, the proposed decoder allows to determine the security level of code-based cryptosystems based on interleaved sum-rank metric codes.
Submitted 30 March, 2023;
originally announced March 2023.
-
Fast Kötter-Nielsen-Høholdt Interpolation over Skew Polynomial Rings and its Application in Coding Theory
Authors:
Hannes Bartz,
Thomas Jerkovits,
Johan Rosenkilde
Abstract:
Skew polynomials are a class of non-commutative polynomials that have several applications in computer science, coding theory and cryptography. In particular, skew polynomials can be used to construct and decode evaluation codes in several metrics, like e.g. the Hamming, rank, sum-rank and skew metric. We propose a fast divide-and-conquer variant of Kötter-Nielsen-Høholdt (KNH) interpolation algorithm: it inputs a list of linear functionals on skew polynomial vectors, and outputs a reduced Gröbner basis of their kernel intersection. We show that the proposed KNH interpolation can be used to solve the interpolation step of interpolation-based decoding of interleaved Gabidulin codes in the rank-metric, linearized Reed-Solomon codes in the sum-rank metric and skew Reed-Solomon codes in the skew metric requiring at most $\tilde{O}(s^\omega M(n))$ operations in $\mathbb{F}_{q^m}$, where $n$ is the length of the code, $s$ the interleaving order, $M(n)$ the complexity for multiplying two skew polynomials of degree at most $n$, $\omega$ the matrix multiplication exponent and $\tilde{O}(\cdot)$ the soft-O notation which neglects log factors. This matches the previous best speeds for these tasks, which were obtained by top-down minimal approximant bases techniques, and complements the theory of efficient interpolation over free skew polynomial modules by the bottom-up KNH approach. In contrast to the top-down approach the bottom-up KNH algorithm has no requirements on the interpolation points and thus does not require any pre-processing.
Submitted 4 July, 2022;
originally announced July 2022.
-
Fast Kötter-Nielsen-Høholdt Interpolation over Skew Polynomial Rings
Authors:
Hannes Bartz,
Thomas Jerkovits
Abstract:
Skew polynomials are a class of non-commutative polynomials that have several applications in computer science, coding theory and cryptography. In particular, skew polynomials can be used to construct and decode evaluation codes in several metrics, like e.g. the Hamming, rank, sum-rank and skew metric. In this paper we propose a fast divide-and-conquer variant of the Kötter-Nielsen-Høholdt (KNH) interpolation over free modules over skew polynomial rings. The proposed KNH interpolation can be used to solve the interpolation step of interpolation-based decoding of (interleaved) Gabidulin, linearized Reed-Solomon and skew Reed-Solomon codes efficiently, which have various applications in coding theory and code-based quantum-resistant cryptography.
Submitted 18 February, 2022;
originally announced February 2022.
-
Analysis of Communication Channels Related to Physical Unclonable Functions
Authors:
Georg Maringer,
Marvin Xhemrishi,
Sven Puchinger,
Kathrin Garb,
Hedongliang Liu,
Thomas Jerkovits,
Ludwig Kürzinger,
Matthias Hiller,
Antonia Wachter-Zeh
Abstract:
Cryptographic algorithms rely on the secrecy of their corresponding keys. On embedded systems with standard CMOS chips, where secure permanent memory such as flash is not available as a key storage, the secret key can be derived from Physical Unclonable Functions (PUFs) that make use of minuscule manufacturing variations of, for instance, SRAM cells. Since PUFs are affected by environmental changes, the reliable reproduction of the PUF key requires error correction. For silicon PUFs with binary output, errors occur in the form of bitflips within the PUF's response. Modelling the channel as a Binary Symmetric Channel (BSC) with fixed crossover probability $p$ is only a first-order approximation of the real behavior of the PUF response. We propose a more realistic channel model, referred to as the Varying Binary Symmetric Channel (VBSC), which takes into account that the reliability of different PUF response bits may not be equal. We investigate its channel capacity for various scenarios which differ in the channel state information (CSI) present at encoder and decoder. We compare the capacity results for the VBSC for the different CSI cases with reference to the distribution of the bitflip probability according to a work by Maes et al.
Submitted 3 December, 2021;
originally announced December 2021.
-
Decoding of Space-Symmetric Rank Errors
Authors:
Thomas Jerkovits,
Vladimir Sidorenko,
Antonia Wachter-Zeh
Abstract:
This paper investigates the decoding of certain Gabidulin codes that were transmitted over a channel with space-symmetric errors. Space-symmetric errors are additive error matrices that have the property that their column and row spaces are equal. We show that for channels restricted to space-symmetric errors, with high probability errors of rank up to 2(n-k)/3 can be decoded with a Gabidulin code of length n and dimension k, using a weak-self orthogonal basis as code locators.
Submitted 4 February, 2021;
originally announced February 2021.
-
Fast Decoding of Codes in the Rank, Subspace, and Sum-Rank Metric
Authors:
Hannes Bartz,
Thomas Jerkovits,
Sven Puchinger,
Johan Rosenkilde
Abstract:
We speed up existing decoding algorithms for three code classes in different metrics: interleaved Gabidulin codes in the rank metric, lifted interleaved Gabidulin codes in the subspace metric, and linearized Reed-Solomon codes in the sum-rank metric. The speed-ups are achieved by new algorithms that reduce the cores of the underlying computational problems of the decoders to one common tool: computing left and right approximant bases of matrices over skew polynomial rings. To accomplish this, we describe a skew-analogue of the existing PM-Basis algorithm for matrices over ordinary polynomials. This captures the bulk of the work in multiplication of skew polynomials, and the complexity benefit comes from existing algorithms performing this faster than in classical quadratic complexity. The new algorithms for the various decoding-related computational problems are interesting in their own and have further applications, in particular parts of decoders of several other codes and foundational problems related to the remainder-evaluation of skew polynomials.
Submitted 10 March, 2021; v1 submitted 20 May, 2020;
originally announced May 2020.
-
Nested Tailbiting Convolutional Codes for Secrecy, Privacy, and Storage
Authors:
Thomas Jerkovits,
Onur Günlü,
Vladimir Sidorenko,
Gerhard Kramer
Abstract:
A key agreement problem is considered that has a biometric or physical identifier, a terminal for key enrollment, and a terminal for reconstruction. A nested convolutional code design is proposed that performs vector quantization during enrollment and error control during reconstruction. Physical identifiers with small bit error probability illustrate the gains of the design. One variant of the nested convolutional codes improves on the best known key vs. storage rate ratio but it has high complexity. A second variant with lower complexity performs similar to nested polar codes. The results suggest that the choice of code for key agreement with identifiers depends primarily on the complexity constraint.
Submitted 27 April, 2020;
originally announced April 2020.
-
Randomized Decoding of Gabidulin Codes Beyond the Unique Decoding Radius
Authors:
Julian Renner,
Thomas Jerkovits,
Hannes Bartz,
Sven Puchinger,
Pierre Loidreau,
Antonia Wachter-Zeh
Abstract:
We address the problem of decoding Gabidulin codes beyond their unique error-correction radius. The complexity of this problem is of importance to assess the security of some rank-metric code-based cryptosystems. We propose an approach that introduces row or column erasures to decrease the rank of the error in order to use any proper polynomial-time Gabidulin code error-erasure decoding algorithm. This approach improves on generic rank-metric decoders by an exponential factor.
Submitted 10 February, 2020; v1 submitted 29 November, 2019;
originally announced November 2019.
-
Efficient Decoding of Interleaved Low-Rank Parity-Check Codes
Authors:
Julian Renner,
Thomas Jerkovits,
Hannes Bartz
Abstract:
An efficient decoding algorithm for horizontally u-interleaved LRPC codes is proposed and analyzed. Upper bounds on the decoding failure rate and the computational complexity of the algorithm are derived. It is shown that interleaving reduces the decoding failure rate exponentially in the interleaving order u whereas the computational complexity grows linearly.
Submitted 28 August, 2019;
originally announced August 2019.
-
Successive Cancellation List Decoding of Product Codes with Reed-Muller Component Codes
Authors:
Mustafa Cemil Coşkun,
Thomas Jerkovits,
Gianluigi Liva
Abstract:
This letter proposes successive cancellation list (SCL) decoding of product codes with Reed--Muller (RM) component codes. SCL decoding relies on a product code description based on the $2\times 2$ Hadamard kernel, which enables interpreting the code as an RM subcode. The focus is on a class of product codes considered in wireless communication systems, based on single parity-check and extended Hamming component codes. For short product codes, it is shown that SCL decoding with a moderate list size performs as well as (and, sometimes, outperforms) belief propagation (BP) decoding. Furthermore, by concatenating a short product code with a high-rate outer code, SCL decoding outperforms BP decoding by up to $1.4$ dB.
Submitted 27 August, 2019;
originally announced August 2019.
-
Efficient Error-Correcting Codes in the Short Blocklength Regime
Authors:
Mustafa Cemil Coşkun,
Giuseppe Durisi,
Thomas Jerkovits,
Gianluigi Liva,
William Ryan,
Brian Stein,
Fabian Steiner
Abstract:
The design of block codes for short information blocks (e.g., a thousand or less information bits) is an open research problem that is gaining relevance thanks to emerging applications in wireless communication networks. In this paper, we review some of the most promising code constructions targeting the short block regime, and we compare them with both finite-length performance bounds and classical error-correction coding schemes. The work addresses the use of both binary and high-order modulations over the additive white Gaussian noise channel. We will illustrate how to effectively approach the theoretical bounds with various performance versus decoding complexity tradeoffs.
Submitted 10 March, 2019; v1 submitted 20 December, 2018;
originally announced December 2018.
-
Improving the Decoding Threshold of Tailbiting Spatially Coupled LDPC Codes by Energy Shaping
Authors:
Thomas Jerkovits,
Gianluigi Liva,
Alexandre Graell i Amat
Abstract:
We show how the iterative decoding threshold of tailbiting spatially coupled (SC) low-density parity-check (LDPC) code ensembles can be improved over the binary input additive white Gaussian noise channel by allowing the use of different transmission energies for the codeword bits. We refer to the proposed approach as energy shaping. We focus on the special case where the transmission energy of a bit is selected among two values, and where a contiguous portion of the codeword is transmitted with the largest one. Given these constraints, an optimal energy boosting policy is derived by means of protograph extrinsic information transfer analysis. We show that the threshold of tailbiting SC-LDPC code ensembles can be made close to that of terminated code ensembles while avoiding the rate loss (due to termination). The analysis is complemented by Monte Carlo simulations, which confirm the viability of the approach.
Submitted 16 February, 2018; v1 submitted 15 February, 2018;
originally announced February 2018.
-
Code Design for Short Blocks: A Survey
Authors:
Gianluigi Liva,
Lorenzo Gaudio,
Tudor Ninacs,
Thomas Jerkovits
Abstract:
The design of block codes for short information blocks (e.g., a thousand or less information bits) is an open research problem which is gaining relevance thanks to emerging applications in wireless communication networks. In this work, we review some of the most recent code constructions targeting the short block regime, and we compare them with both finite-length performance bounds and classical error correction coding schemes. We will see how it is possible to effectively approach the theoretical bounds, with different performance vs. decoding complexity trade-offs.
Submitted 4 October, 2016;
originally announced October 2016.