On improving security of GPT cryptosystems

Gabidulin, E.M.; Rashwan, Hatem A.; Honary, Bahram

doi:10.1109/isit.2009.5206029

Cited by 35 publications

(43 citation statements)

References 10 publications

(14 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Overbeck's attack failed in this case. In 2009 [10], a proper choice of column scramblers over the extension field was taken to other variants of the GPT cryptosystem. This choice withstood both Gibson's and Overbeck's attacks.…”

Section: Gibson's Attackmentioning

confidence: 99%

“…The hexi GPT public key cryptosystem makes use of the hexi Maximum Rank Distance code for the generator matrix G in the public key G ′ , and for S a proper choice of column scramblers over the extension field is taken as in [10]. Since hexi MRD codes are analogous to MRD codes, these are a special case of MRD codes where q = 2 4 , these codes have the same error correcting capacity.…”

Section: Hexi Gpt Cryptosystemmentioning

confidence: 99%

“…The hexi GPT cryptosystem is based on the variant of GPT cryptosystem defined in [10]. This hexi MRD code based variant of the GPT cryptosystem can withstand both Gibson's and Overbeck's attacks in case a proper choice of column scramblers over the extension field is taken as in [10].…”

Section: Gibson's and Overbeck's Attackmentioning

confidence: 99%

See 2 more Smart Citations

Hexi McEliece Public Key Cryptosystem

Ilanthenraland¹,

Easwarakumar²

2014

Appl. Math. Inf. Sci.

View full text Add to dashboard Cite

This paper introduces a new class of hexi codes namely, hexi polynomial codes, hexi Rank Distance codes, hexi Maximum Rank Distance codes, hexi Goppa codes and hexi wild Goppa codes. These codes are useful to create variants of the McEliece public key cryptosystem known as the hexi McEliece public key cryptosystem and its variants; these cryptosystems are secure against attacks carried out on the existing variants of the McEliece public key cryptosystem. This newly introduced cryptosystem has better error correcting capacity and lesser time complexity making it more feasible to use. The security and possible attacks on these variants of the hexi McEliece public key cryptosystem are analysed.

show abstract

Section: Gibson's Attackmentioning

confidence: 99%

Section: Hexi Gpt Cryptosystemmentioning

confidence: 99%

See 1 more Smart Citation

Hexi McEliece Public Key Cryptosystem

Ilanthenraland¹,

Easwarakumar²

2014

Appl. Math. Inf. Sci.

View full text Add to dashboard Cite

show abstract

“…Several works then proposed to resist to this attack either by taking special random codes R so that the second property is not true as in [Loi10,RGH10], or by taking a column scrambler matrix defined over the extension field F q m as in [Gab08,GRH09,RGH11].…”

Section: Introductionmentioning

confidence: 99%

“…But recently in [OTKN16] it was shown that even if the column scrambler is defined on the extension field as in [Gab08,GRH09,RGH11], by using precisely Overbeck's technique, it is still possible to recover very efficiently a secret Gabidulin code whose error correction t * is certainly strictly less than the error correction of the secret original Gabidiulin code but still strictly greater than the number of added errors t pub . In other words, an attacker is still able to decrypt any ciphertext and consequently, all schemes based on Gabidulin codes presented in [Gab08, GRH09, RGH11] are actually not secure.…”

Section: Introductionmentioning

confidence: 99%

Polynomial-time key recovery attack on the Faure–Loidreau scheme based on Gabidulin codes

Gaborit

Otmani

Kalachi

2017

Des. Codes Cryptogr.

View full text Add to dashboard Cite

ABSTRACT. Encryption schemes based on the rank metric lead to small public key sizes of order of few thousands bytes which represents a very attractive feature compared to Hamming metric-based encryption schemes where public key sizes are of order of hundreds of thousands bytes even with additional structures like the cyclicity. The main tool for building public key encryption schemes in rank metric is the McEliece encryption setting used with the family of Gabidulin codes. Since the original scheme proposed in 1991 by Gabidulin, Paramonov and Tretjakov, many systems have been proposed based on different masking techniques for Gabidulin codes. Nevertheless, over the years most of these systems were attacked essentially by the use of an attack proposed by Overbeck.In 2005 Faure and Loidreau designed a rank-metric encryption scheme which was not in the McEliece setting. The scheme is very efficient, with small public keys of size a few kiloBytes and with security closely related to the linearized polynomial reconstruction problem which corresponds to the decoding problem of Gabidulin codes. The structure of the scheme differs considerably from the classical McEliece setting and until our work, the scheme had never been attacked. We show in this article that for a range of parameters, this scheme is also vulnerable to a polynomial-time attack that recovers the private key by applying Overbeck's attack on an appropriate public code. As an example we break in a few seconds parameters with 80-bit security claim. Our work also shows that some parameters are not affected by our attack but at the cost of a lost of efficiency for the underlying schemes.Post-quantum cryptography; Gabidulin code; Polynomial reconstruction; Faure-Loidreau scheme.

show abstract

Security of the GPT cryptosystem and its applications to cryptography

Rashwan

Gabidulin

Honary

2010

Security Comm Networks

Self Cite

View full text Add to dashboard Cite

The public key cryptosystem (PKC) based on rank error correcting codes (the GPT cryptosystem) was proposed in 1991. Use of rank codes in cryptographic applications is advantageous since it is practically impossible to utilize combinatoric decoding. This enabled using public keys of a smaller size. Several attacks against this system were published, including Gibson's attacks and more recently Overbeck's attacks. A few modifications were proposed withstanding Gibson's attack but at least one of them was broken by the stronger attacks by Overbeck. A tool to prevent Overbeck's attack is presented by Gabidulin, which makes the cryptographer define a proper column scrambler matrix over the extension field without violating the standard mode of GPT cryptosystem. In this paper, we apply this tool to another variant of the GPT cryptosystem. Furthermore we increase the security of the proposed system against all known attacks and reduce the public key size to 4 Kbits instead of 10 Kbits.

show abstract

On improving security of GPT cryptosystems

Cited by 35 publications

References 10 publications

Hexi McEliece Public Key Cryptosystem

Hexi McEliece Public Key Cryptosystem

Polynomial-time key recovery attack on the Faure–Loidreau scheme based on Gabidulin codes

Security of the GPT cryptosystem and its applications to cryptography

Contact Info

Product

Resources

About