2012
DOI: 10.1007/978-3-642-29011-4_31
|View full text |Cite
|
Sign up to set email alerts
|

Decoding Random Binary Linear Codes in 2 n/20: How 1 + 1 = 0 Improves Information Set Decoding

Abstract: Decoding random linear codes is a well studied problem with many applications in complexity theory and cryptography. The security of almost all coding and LPN/LWE-based schemes relies on the assumption that it is hard to decode random linear codes. Recently, there has been progress in improving the running time of the best decoding algorithms for binary random codes. The ball collision technique of Bernstein, Lange and Peters lowered the complexity of Stern's information set decoding algorithm to 2 0.0556n. Us… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
1
1
1

Citation Types

1
251
0

Year Published

2013
2013
2019
2019

Publication Types

Select...
6
2

Relationship

1
7

Authors

Journals

citations
Cited by 266 publications
(252 citation statements)
references
References 26 publications
(38 reference statements)
1
251
0
Order By: Relevance
“…(Experiments indicate that the probability is somewhat worse, although still inverse polynomial in n, if all R ij1 are chosen to be identical, even if this set is randomized as discussed in [17]. The idea of choosing independent sets appeared in [4] with credit to Bernstein. ) Overall the probability of I being decomposed in this way, i.e., of I being found by this algorithm, is inverse polynomial in n. As above, one expects a negligible failure probability after a polynomial number of repetitions of the algorithm.…”
Section: T T T T T T T T T T T T Tmentioning
confidence: 99%
See 2 more Smart Citations
“…(Experiments indicate that the probability is somewhat worse, although still inverse polynomial in n, if all R ij1 are chosen to be identical, even if this set is randomized as discussed in [17]. The idea of choosing independent sets appeared in [4] with credit to Bernstein. ) Overall the probability of I being decomposed in this way, i.e., of I being found by this algorithm, is inverse polynomial in n. As above, one expects a negligible failure probability after a polynomial number of repetitions of the algorithm.…”
Section: T T T T T T T T T T T T Tmentioning
confidence: 99%
“…to the exponents of other algorithms. One can reasonably speculate that analogous quantum speedups can also be applied to the algorithms of [24] and [4]. However, establishing this will require considerable extra work, similar to the extra work of [24] and [4] compared to [17] and [3] respectively.…”
Section: Introductionmentioning
confidence: 98%
See 1 more Smart Citation
“…Finally, a general lower-bound on the complexity of the information set decoding algorithm was derived by Finiasz and Sendrier [23] using idealized algorithms. However, it was shown in [9,45] and very recently in [4] that it is possible to do better than this bound.…”
Section: Problem 12 (Minimum Distance Problem (Mdp)mentioning
confidence: 99%
“…Nowadays, there exists eight probabilistic algorithms to compute a solution to the SD problem : Lee and Brickell's algorithm [70], Leon's algorithm [71], Stern's algorithm [100], the toolbox of A. Canteaut and F. Chabaud [25], Johansson and Jönsonn's algorithm [69], the "ball-collision" decoding algorithm [18], the MMT algorithm [75] and the "1+1=0" decoding algorithm [10]. All these algorithms are devoted to search a word of small weight in a random code.…”
Section: Algorithms For the Sd Problemmentioning
confidence: 99%