Results 1 - 7 of 7
Improved fast syndrome based cryptographic hash functions
In Proceedings of ECRYPT Hash Workshop 2007 (2007). URL: http://wwwroc.inria.fr/secret/Matthieu.Finiasz
Cited by 24 (5 self)
Abstract. Recently, some collisions have been exposed for a variety of cryptographic hash functions [19] including some of the most widely used today. Many other hash functions using similar constructions can however still be considered secure. Nevertheless, this has drawn attention to the need for new hash function designs. In this article we present a family of secure hash functions, whose security is directly related to the syndrome decoding problem from the theory of error-correcting codes. Taking into account the analysis by Coron and Joux [4] based on Wagner's generalized birthday algorithm [18], we study the asymptotic security of our functions. We demonstrate that this attack is always exponential in terms of the length of the hash value. We also study the work factor of this attack, along with other attacks from coding theory, in the non-asymptotic range, i.e. for practical values. Accordingly, we propose a few sets of parameters giving good security and either faster hashing or a shorter description for the function. Key words: cryptographic hash functions, provable security, syndrome decoding, NP-completeness, Wagner's generalized birthday problem.
Algebraic Structure of Quasi-cyclic Codes
Discrete Appl. Math.
Cited by 23 (1 self)
We use Gröbner bases of modules as a tool in the construction and classification of quasi-cyclic codes. Whereas previous studies have been mainly concerned with the 1-generator case, our results elucidate the structure of arbitrary quasi-cyclic codes and their duals. As an application we provide a complete characterisation of self-dual quasi-cyclic codes of index 2.
Asymptotic improvement of the Gilbert–Varshamov bound for linear codes
ISIT 2006, 2006
Cited by 8 (2 self)
The Gilbert–Varshamov bound states that the maximum size $A_2(n, d)$ of a binary code of length $n$ and minimum distance $d$ satisfies $A_2(n, d) \ge 2^n / V(n, d-1)$, where $V(n, d) = \sum_{i=0}^{d} \binom{n}{i}$ stands for the volume of a Hamming ball of radius $d$. Recently Jiang and Vardy showed that for binary non-linear codes this bound can be improved to $A_2(n, d) \ge c\,n\,2^n$ ...
Lightweight code-based identification and signature
Cited by 3 (0 self)
We revisit the code-based identification protocol proposed by Stern at Crypto '93, and give evidence that the size of public keys can be dramatically reduced while preserving a high and well-understood level of security. More precisely, the public keys can be made even shorter than RSA ones (typically 347 bits), while their size is around 150 Kbits in the original scheme. This is achieved by using matrices which are double circulant, rather than purely random. On the whole, this provides a very practical identification (and possibly signature) scheme which is mostly attractive for lightweight cryptography.
SYND: a fast code-based stream cipher with a security reduction
Cited by 1 (1 self)
Abstract. In this note we reconsider the code-based pseudo-random generator proposed by Fischer and Stern. This generator is proven as secure as the syndrome decoding problem but has two main drawbacks: it is slow (3000 bits/s) and a large amount of memory is needed (88 kilobytes). We propose a variation on the scheme which avoids them: the use of regular words speeds the system up and the use of quasi-cyclic codes allows a decrease in the memory requirements. We eventually obtain a generator as fast as AES in counter mode using only about 8000 bits of memory. We also give a more precise security reduction.
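Added example, not code from the FSB or SYND papers above: a toy version of the syndrome-computation step that both designs build on, i.e. the input is read as a regular word (one non-zero position per block of the code) and the output is the syndrome H·x, which reduces to XORing one column of H per block. The parity-check matrix is quasi-cyclic, so only one generator row per circulant block is stored and columns are derived by rotation, which is where the memory saving described in the SYND abstract comes from. The parameters (r = 32, n = 256, w = 32), the SHA-256-based seed expansion, the chunking rule and the sample input are assumptions of this illustration and are far too small to be secure; they are chosen only to make the structure visible.

```python
"""Toy regular-word syndrome compression over a quasi-cyclic parity-check matrix.

Illustrative only: r, n, w, the seed expansion and the chunking rule are
assumptions of this example, not the parameters of FSB or SYND.
"""
import hashlib

R, N, W = 32, 256, 32            # syndrome bits r, code length n, word weight w (toy values)
BLOCK = N // W                   # each input chunk selects one of BLOCK columns
CHUNK_BITS = BLOCK.bit_length() - 1   # bits needed to index a column inside a block
ROW_MASK = (1 << R) - 1


def rotl(x: int, s: int, width: int = R) -> int:
    """Rotate an r-bit column vector left by s positions (circulant structure)."""
    s %= width
    return ((x << s) | (x >> (width - s))) & ((1 << width) - 1)


def qc_generators(seed: bytes, r: int = R, n: int = N) -> list:
    """One r-bit generator per r x r circulant block of H: n//r generators, n bits in total.

    The seed expansion via SHA-256 is an assumption of this example."""
    return [
        int.from_bytes(hashlib.sha256(seed + b.to_bytes(2, "big")).digest(), "big") & ((1 << r) - 1)
        for b in range(n // r)
    ]


def column(gens: list, j: int, r: int = R) -> int:
    """Column j of H, derived on the fly: block j//r, generator rotated by j%r."""
    return rotl(gens[j // r], j % r, r)


def expand_full_matrix(gens: list, r: int = R, n: int = N) -> list:
    """The dense r x n matrix, as a list of n column vectors (for comparison only)."""
    return [column(gens, j, r) for j in range(n)]


def storage_bits(r: int = R, n: int = N) -> dict:
    """Memory for H: dense storage versus one generator per circulant block."""
    return {"dense": r * n, "quasi_cyclic": (n // r) * r}


def regular_word_indices(msg: bytes) -> list:
    """Read msg as W chunks of CHUNK_BITS bits; chunk i selects column i*BLOCK + value.

    The result is the support of a regular word: exactly one position per block."""
    assert len(msg) * 8 == W * CHUNK_BITS, "message must be exactly W*CHUNK_BITS bits"
    bits = int.from_bytes(msg, "big")
    return [i * BLOCK + ((bits >> (CHUNK_BITS * (W - 1 - i))) & (BLOCK - 1)) for i in range(W)]


def compress(gens: list, msg: bytes) -> int:
    """Syndrome of the regular word: XOR of the W selected columns of H."""
    s = 0
    for j in regular_word_indices(msg):
        s ^= column(gens, j)
    return s


def syndrome_difference(gens: list, m1: bytes, m2: bytes) -> int:
    """XOR of the columns at the positions where the two regular words differ.

    Because H is linear over GF(2), this equals compress(m1) ^ compress(m2); that
    linearity is what Wagner's generalized birthday attack exploits."""
    diff = 0
    for a, b in zip(regular_word_indices(m1), regular_word_indices(m2)):
        if a != b:
            diff ^= column(gens, a) ^ column(gens, b)
    return diff


# Constructed sample inputs: 12 bytes = W * CHUNK_BITS = 96 bits each.
SAMPLE_1 = bytes.fromhex("00112233445566778899aabb")
SAMPLE_2 = bytes.fromhex("00112233445566778899aab8")   # differs from SAMPLE_1 in the last chunk only

if __name__ == "__main__":
    g = qc_generators(b"constructed seed")
    print("storage bits:", storage_bits())
    print("syndrome(SAMPLE_1) = 0x%08x" % compress(g, SAMPLE_1))
    print("linear difference check:",
          compress(g, SAMPLE_1) ^ compress(g, SAMPLE_2) == syndrome_difference(g, SAMPLE_1, SAMPLE_2))
```

With these toy parameters the dense matrix needs r·n = 8192 bits while the quasi-cyclic form needs n = 256 bits, the same n/r factor the SYND abstract is trading on. The last function makes the security-relevant caveat concrete: the output is linear in the column-selection pattern, so finding a collision is a problem of finding a set of columns that XOR to zero, which is exactly the generalized birthday setting studied in the FSB paper.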
On Existence of Good Self-Dual Quasi-Cyclic Codes (Bikash Kumar Dey, Member, IEEE)
Abstract. For a long time, asymptotically good self-dual codes have been known to exist. Asymptotically good 2-quasi-cyclic codes of rate 1/2 have also been known to exist for a long time. Recently, it was proved that there are binary self-dual 3-quasi-cyclic codes of length asymptotically meeting the Gilbert–Varshamov bound. Unlike 2-quasi-cyclic codes, which are defined to have a cyclic group of order 2 as a subgroup of their permutation group, the 3-quasi-cyclic codes are defined with a permutation group of fixed order 3. So, from the decoding point of view, 2-quasi-cyclic codes are preferable to 3-quasi-cyclic codes. In this correspondence, with the assumption that there are infinitely many primes with respect to (w.r.t.) which 2 is primitive, we prove that there exist classes of self-dual 2-quasi-cyclic codes and Type II 8-quasi-cyclic codes of length respectively 2 and 8 which asymptotically meet the Gilbert–Varshamov bound. When compared with the order of the defining permutation groups, these classes of codes lie between the 2-quasi-cyclic codes and the 3-quasi-cyclic codes of length considered in previous works. Index Terms: Discrete Fourier transform (DFT), Gilbert–Varshamov bound, permutation group, quasi-cyclic codes, self-dual codes.