-
A New Path to Code-based Signatures via Identification Schemes with Restricted Errors
Authors:
Marco Baldi,
Massimo Battaglioni,
Franco Chiaraluce,
Anna-Lena Horlemann-Trautmann,
Edoardo Persichetti,
Paolo Santini,
Violetta Weger
Abstract:
In this paper we introduce a variant of the Syndrome Decoding Problem (SDP), that we call Restricted SDP (R-SDP), in which the entries of the searched vector are defined over a subset of the underlying finite field. We prove the NP-completeness of R-SDP, via a reduction from the classical SDP, and describe algorithms which solve this new problem. We study the properties of random codes under this new decoding perspective, in the fashion of traditional coding theory results, and assess the complexity of solving a random R-SDP instance. As a concrete application, we describe how Zero-Knowledge Identification (ZK-ID) schemes based on SDP can be tweaked to rely on R-SDP, and show that this leads to compact public keys as well as significantly reduced communication costs. Thus, these schemes offer an improved basis for the construction of code-based digital signature schemes derived from identification schemes through the well-known Fiat-Shamir transformation.
Submitted 30 January, 2021; v1 submitted 14 August, 2020;
originally announced August 2020.
-
Constructing Partial MDS Codes from Reducible Curves
Authors:
Tristram Bogart,
Anna-Lena Horlemann-Trautmann,
David Karpuk,
Alessandro Neri,
Mauricio Velasco
Abstract:
We propose reducible algebraic curves as a mechanism to construct Partial MDS (PMDS) codes geometrically. We obtain new general existence results, new explicit constructions and improved estimates on the smallest field sizes over which such codes can exist. Our results are obtained by combining ideas from projective algebraic geometry, combinatorics and probability theory.
Submitted 29 July, 2020;
originally announced July 2020.
-
Equivalence and Characterizations of Linear Rank-Metric Codes Based on Invariants
Authors:
Alessandro Neri,
Sven Puchinger,
Anna-Lena Horlemann-Trautmann
Abstract:
We show that the sequence of dimensions of the linear spaces, generated by a given rank-metric code together with itself under several applications of a field automorphism, is an invariant for the whole equivalence class of the code. The same property is proven for the sequence of dimensions of the intersections of itself under several applications of a field automorphism. These invariants give rise to easily computable criteria to check if two codes are inequivalent. We derive some concrete values and bounds for these dimension sequences for some known families of rank-metric codes, namely Gabidulin and (generalized) twisted Gabidulin codes. We then derive conditions on the length of the codes with respect to the field extension degree, such that codes from different families cannot be equivalent. Furthermore, we derive upper and lower bounds on the number of equivalence classes of Gabidulin codes and twisted Gabidulin codes, improving a result of Schmidt and Zhou for a wider range of parameters. In the end we use the aforementioned sequences to determine a characterization result for Gabidulin codes.
Submitted 16 September, 2020; v1 submitted 29 November, 2019;
originally announced November 2019.
-
Invariants and Inequivalence of Linear Rank-Metric Codes
Authors:
Alessandro Neri,
Sven Puchinger,
Anna-Lena Horlemann-Trautmann
Abstract:
We show that the sequence of dimensions of the linear spaces, generated by a given rank-metric code together with itself under several applications of a field automorphism, is an invariant for the whole equivalence class of the code. These invariants give rise to an easily computable criterion to check if two codes are inequivalent. With this criterion we then derive bounds on the number of equivalence classes of classical and twisted Gabidulin codes.
Submitted 27 May, 2019;
originally announced May 2019.
-
Information Set Decoding in the Lee Metric with Applications to Cryptography
Authors:
Anna-Lena Horlemann-Trautmann,
Violetta Weger
Abstract:
We convert Stern's information set decoding (ISD) algorithm to the ring $\mathbb{Z}/4 \mathbb{Z}$ equipped with the Lee metric. Moreover, we set up the general framework for a McEliece and a Niederreiter cryptosystem over this ring. The complexity of the ISD algorithm determines the minimum key size in these cryptosystems for a given security level. We show that using Lee metric codes can drastically decrease the key size, compared to Hamming metric codes. In the end we explain how our results can be generalized to other Galois rings $\mathbb{Z}/p^s\mathbb{Z}$.
Submitted 27 April, 2020; v1 submitted 18 March, 2019;
originally announced March 2019.
-
Random Construction of Partial MDS Codes
Authors:
Alessandro Neri,
Anna-Lena Horlemann-Trautmann
Abstract:
This work deals with partial MDS (PMDS) codes, a special class of locally repairable codes, used for distributed storage systems. We first show that a known construction of these codes, using Gabidulin codes, can be extended to use any maximum rank distance code. Then we define a standard form for the generator matrices of PMDS codes and use this form to give an algebraic description of PMDS generator matrices. This implies that over a sufficiently large finite field a randomly chosen generator matrix in PMDS standard form generates a PMDS code with high probability. This also provides sufficient conditions on the field size for the existence of PMDS codes.
Submitted 17 January, 2018;
originally announced January 2018.
-
t-Private Information Retrieval Schemes Using Transitive Codes
Authors:
Ragnar Freij-Hollanti,
Oliver W. Gnilke,
Camilla Hollanti,
Anna-Lena Horlemann-Trautmann,
David Karpuk,
Ivo Kubjas
Abstract:
This paper presents private information retrieval (PIR) schemes for coded storage with colluding servers, which are not restricted to maximum distance separable (MDS) codes. PIR schemes for general linear codes are constructed and the resulting PIR rate is calculated explicitly. It is shown that codes with transitive automorphism groups yield the highest possible rates obtainable with the proposed scheme. This rate coincides with the known asymptotic PIR capacity for MDS-coded storage systems without collusion. While many PIR schemes in the literature require field sizes that grow with the number of servers and files in the system, we focus especially on the case of a binary base field, for which Reed-Muller codes serve as an important and explicit class of examples.
Submitted 7 December, 2017;
originally announced December 2017.
-
Symbol Erasure Correction Capability of Spread Codes
Authors:
Heide Gluesing-Luerssen,
Anna-Lena Horlemann-Trautmann
Abstract:
We consider data transmission over a network where each edge is an erasure channel and where the inner nodes transmit a random linear combination of their incoming information. We distinguish two channel models in this setting, the row and the column erasure channel model. For both models we derive the symbol erasure correction capabilities of spread codes and compare them to other known codes suitable for those models. Furthermore, we explain how to decode these codes in the two channel models and compare their decoding complexities. The results show that, depending on the application and the to-be-optimized aspect, any combination of codes and channel models can be the best choice.
Submitted 17 October, 2017;
originally announced October 2017.
-
A Complete Classification of Partial-MDS (Maximally Recoverable) Codes with One Global Parity
Authors:
Anna-Lena Horlemann-Trautmann,
Alessandro Neri
Abstract:
Partial-MDS (PMDS) codes are a family of locally repairable codes, mainly used for distributed storage. They are defined to be able to correct any pattern of $s$ additional erasures, after a given number of erasures per locality group have occurred. This makes them also maximally recoverable (MR) codes, another class of locally repairable codes. It is known that MR codes in general, and PMDS codes in particular, exist for any set of parameters, if the field size is large enough. Moreover, some explicit constructions of PMDS codes are known, mostly (but not always) with a strong restriction on the number of erasures that can be corrected per locality group. In this paper we generalize the notion of PMDS codes to allow locality groups of different sizes. We give a general construction of such PMDS codes with $s=1$ global parity, i.e., one additional erasure can be corrected. Furthermore, we show that all PMDS codes for the given parameters are of this form, i.e., we give a classification of these codes. This implies a necessary and sufficient condition on the underlying field size for the existence of these codes (assuming that the MDS conjecture is true). For some parameter sets our generalized construction gives rise to PMDS codes with a smaller field size than any other known construction.
Submitted 4 July, 2017;
originally announced July 2017.
-
On the Genericity of Maximum Rank Distance and Gabidulin Codes
Authors:
Alessandro Neri,
Anna-Lena Horlemann-Trautmann,
Tovohery Randrianarisoa,
Joachim Rosenthal
Abstract:
We consider linear rank-metric codes in $\mathbb F_{q^m}^n$. We show that the properties of being MRD (maximum rank distance) and non-Gabidulin are generic over the algebraic closure of the underlying field, which implies that over a large extension field a randomly chosen generator matrix generates an MRD and a non-Gabidulin code with high probability. Moreover, we give upper bounds on the respective probabilities in dependence on the extension degree $m$.
Submitted 19 May, 2016;
originally announced May 2016.
-
Extension of Overbeck's Attack for Gabidulin Based Cryptosystems
Authors:
Anna-Lena Horlemann-Trautmann,
Kyle Marshall,
Joachim Rosenthal
Abstract:
We present a new attack against cryptosystems based on the rank metric. Our attack allows us to cryptanalyze two variants of the GPT cryptosystem which were designed to resist the attack of Overbeck.
Submitted 4 January, 2016; v1 submitted 4 November, 2015;
originally announced November 2015.
-
New Criteria for MRD and Gabidulin Codes and some Rank-Metric Code Constructions
Authors:
Anna-Lena Horlemann-Trautmann,
Kyle Marshall
Abstract:
In this work we present a new criterion to check if a given rank-metric code is a maximum rank distance (MRD) code. Moreover, we derive a criterion to check if a given MRD code is a generalized Gabidulin code. We then use these results to come up with constructions of linear MRD codes of dimension 2 that are not generalized Gabidulin codes.
Submitted 8 March, 2016; v1 submitted 30 July, 2015;
originally announced July 2015.
-
Message Encoding and Retrieval for Spread and Cyclic Orbit Codes
Authors:
Anna-Lena Horlemann-Trautmann
Abstract:
Spread codes and cyclic orbit codes are special families of constant dimension subspace codes. These codes have been well-studied for their error correction capability, transmission rate and decoding methods, but the question of how to encode and retrieve messages has not been investigated. In this work we show how a message set of consecutive integers can be encoded and retrieved for these two code families.
Submitted 12 January, 2016; v1 submitted 2 September, 2014;
originally announced September 2014.