A Polynomial-Time Attack on the BBCRS Scheme

Couvreur, Alain; Otmani, Ayoub; Tillich, Jean Pierre; Gauthier-Umaña, Valérie

doi:10.1007/978-3-662-46447-2_8

Cited by 27 publications

(40 citation statements)

References 20 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Indeed, our simulations show that the Schur square of the public code, a central tool in most attacks, behaves like the Schur square of a random code. This contrasts the system proposed by Baldi et al [3] for which it has been shown [20] that the dimension of the Schur square is not maximal when the average row weight m is less than 1 + R.…”

Section: Introductioncontrasting

confidence: 69%

Variations of the McEliece Cryptosystem

Bolkema

Gluesing-Luerssen

Kelley

et al. 2017

Association for Women in Mathematics Series

View full text Add to dashboard Cite

Two variations of the McEliece cryptosystem are presented. The first is based on a relaxation of the column permutation in the classical McEliece scrambling process. This is done in such a way that the Hamming weight of the error, added in the encryption process, can be controlled so that efficient decryption remains possible. The second variation is based on the use of spatially coupled moderate-density parity-check codes as secret codes. These codes are known for their excellent error-correction performance and allow for a relatively low key size in the cryptosystem. For both variants the security with respect to known attacks is discussed.

show abstract

Section: Introductioncontrasting

confidence: 69%

Variations of the McEliece Cryptosystem

Bolkema

Gluesing-Luerssen

Kelley

et al. 2017

Association for Women in Mathematics Series

View full text Add to dashboard Cite

show abstract

“…For such a field, it is reasonable to store a multiplication and inversion table. Therefore, we list in Table 5 some approximate work factors for DAGS according to (13). The second column recalls the security levels claimed in [3] for the best possible attack.…”

Section: Approximate Work Factors Of the First Variant Of The Attack mentioning

confidence: 99%

“…On the one hand, some proposals suggested to replace Goppa or alternant codes by more structured codes such as generalised Reed-Solomon (GRS) codes [24], their low dimensional subcodes [6], or GRS codes to which various transformations have been applied [30,2,29]. It turns out that most of these proposals have been subject to polynomial time key-recovery attacks [28,31,9,13]. In addition, proposals based on Goppa codes which are close to GRS codes, namely Goppa code with a low extension degree m have been the target of some structural attacks [17,12].…”

Section: Introductionmentioning

confidence: 99%

An Efficient Structural Attack on NIST Submission DAGS

Barelli¹,

Couvreur²

2018

Lecture Notes in Computer Science

Self Cite

View full text Add to dashboard Cite

show abstract

“…Berger and Loidreau [3] suggested to replace a GRS code by a random subcode of small codimension, Wieschebrink [18] proposed to join random columns in a generator matrix of a GRS code and Baldi et al [1] suggested to mask the structure of the code by right multiplying a generator matrix of a GRS code by the sum of a low rank matrix and a sparse matrix. It turns out that all of these proposals have been subject to efficient polynomial time attacks [19,8,11].…”

Section: Introductionmentioning

confidence: 99%