Goppa-like AG codes from $C_{a,b}$ curves and their behaviour under squaring their dual
Authors: Sabira El Khalfaoui, Mathieu Lhotel, Jade Nardi
Abstract:
In this paper, we introduce a family of codes that can be used in a McEliece cryptosystem, called Goppa-like AG codes. These codes generalize classical Goppa codes and can be constructed from any curve of genus $\mathfrak{g} \geq 0$. Focusing on codes from $C_{a,b}$ curves, we study the behaviour of the dimension of the square of their dual to determine their resistance to distinguisher attacks similar to the one for alternant and Goppa codes developed by Mora and Tillich. We also propose numerical experiments to measure how sharp our bound is.
Submitted 14 April, 2023; v1 submitted 15 March, 2023;
originally announced March 2023.
Interactive Oracle Proofs of Proximity to Algebraic Geometry Codes
Authors: Sarah Bordage, Mathieu Lhotel, Jade Nardi, Hugues Randriam
Abstract:
In this work, we initiate the study of proximity testing to Algebraic Geometry (AG) codes. An AG code $C = C(\mathcal{X}, \mathcal{P}, D)$ over an algebraic curve $\mathcal{X}$ is a vector space associated to evaluations on $\mathcal{P}$ of functions in the Riemann-Roch space $L_\mathcal{X}(D)$. The problem of testing proximity to an error-correcting code $C$ consists in distinguishing between the case where an input word, given as an oracle, belongs to $C$ and the one where it is far from every codeword of $C$. AG codes are good candidates to construct short proof systems, but there exist no efficient proximity tests for them. We aim to fill this gap.
We construct an Interactive Oracle Proof of Proximity (IOPP) for some families of AG codes by generalizing an IOPP for Reed-Solomon codes introduced by Ben-Sasson, Bentov, Horesh and Riabzev, known as the FRI protocol. We identify suitable requirements for designing efficient IOPP systems for AG codes. Our approach relies on a neat decomposition of the Riemann-Roch space of any invariant divisor under a group action on a curve into several explicit Riemann-Roch spaces on the quotient curve. We provide sufficient conditions on an AG code $C$ that allow reducing a proximity testing problem for $C$ to a membership problem for a significantly smaller code $C'$.
As concrete instantiations, we study AG codes on Kummer curves and curves in the Hermitian tower. The latter can be defined over polylogarithmic-size alphabet. We specialize the generic AG-IOPP construction to reach linear prover running time and logarithmic verification on Kummer curves, and quasilinear prover time with polylogarithmic verification on the Hermitian tower.
Submitted 25 October, 2022; v1 submitted 9 November, 2020;
originally announced November 2020.