Results 1 - 8 of 8
Improved fast syndrome based cryptographic hash functions
In Proceedings of ECRYPT Hash Workshop 2007 (2007). URL: http://wwwroc.inria.fr/secret/Matthieu.Finiasz
Abstract

Cited by 24 (5 self)
Recently, some collisions have been exposed for a variety of cryptographic hash functions [19], including some of the most widely used today. Many other hash functions using similar constructions can however still be considered secure. Nevertheless, this has drawn attention to the need for new hash function designs. In this article we present a family of secure hash functions whose security is directly related to the syndrome decoding problem from the theory of error-correcting codes. Taking into account the analysis by Coron and Joux [4] based on Wagner's generalized birthday algorithm [18], we study the asymptotic security of our functions. We demonstrate that this attack is always exponential in terms of the length of the hash value. We also study the work factor of this attack, along with other attacks from coding theory, in the non-asymptotic range, i.e. for practical values. Accordingly, we propose a few sets of parameters giving good security and either faster hashing or a shorter description for the function. Key Words: cryptographic hash functions, provable security, syndrome decoding, NP-completeness, Wagner's generalized birthday problem.
On Linear Balancing Sets
IEEE International Symposium on Information Theory, Seoul, South Korea, 2009
Abstract

Cited by 5 (0 self)
Let n be an even positive integer and F be the field GF(2). A word in F^n is called balanced if its Hamming weight is n/2. A subset C ⊆ F^n is called a balancing set if for every word y ∈ F^n there is a word x ∈ C such that y + x is balanced. It is shown that most linear subspaces of F^n of dimension slightly larger than (3/2) log_2 n are balancing sets. An application of linear balancing sets is presented for designing efficient error-correcting coding schemes in which the codewords are balanced.
SYND: a fast code-based stream cipher with a security reduction
Abstract

Cited by 1 (1 self)
In this note we reconsider the code-based pseudorandom generator proposed by Fischer and Stern. This generator is proven as secure as the syndrome decoding problem but has two main drawbacks: it is slow (3000 bits/s) and a large amount of memory is needed (88 kilobytes). We propose a variation on the scheme which avoids them: the use of regular words speeds the system up and the use of quasi-cyclic codes allows a decrease of the memory requirements. We eventually obtain a generator as fast as AES in counter mode using only about 8000 bits of memory. We also give a more precise security reduction.
SYND: a fast code-based stream cipher with a security reduction
Abstract

Cited by 1 (0 self)
In this note we reconsider the code-based pseudorandom generator proposed by Fischer and Stern. This generator is proven as secure as the syndrome decoding problem but has two main drawbacks: it is slow (3000 bits/s) and a large amount of memory is needed (88 kilobytes). We propose a variation on the scheme which avoids them: the use of regular words speeds the system up and the use of quasi-cyclic codes allows a decrease of the memory requirements. We eventually obtain a generator as fast as AES in counter mode using only about 8000 bits of memory. We also give a more precise security reduction.
Side-Channel Attacks on the McEliece and Niederreiter
Abstract
Research within "post-quantum" cryptography has focused on the development of schemes that resist quantum cryptanalysis. However, if such schemes are to be deployed, practical questions of efficiency and physical security should also be addressed; this is particularly important for embedded systems. To this end, we investigate issues relating to side-channel attacks against the McEliece and Niederreiter public-key cryptosystems, for example improving those presented by [20], and novel countermeasures against such attacks.
Energy-Efficient, Secure Group Key Agreement for Ad Hoc Networks
Abstract
Public key cryptography is well-suited to ad hoc networks as it requires no a priori secure key distribution mechanism. Recent advances in lattice-based cryptography are enabling the use of public key algorithms (PKAs) in low-power devices. Unfortunately, while many ad hoc networking applications are dominated by multicast traffic, PKAs are inherently unicast: public/private key pairs are generated by data destinations. To fully realize public key cryptography in ad hoc networks, low-power PKAs must therefore be augmented with energy-efficient mechanisms for secure group key establishment. Motivated by recent results on information-theoretic secrecy, we present a protocol that generates keys for t-sized multicast groups with O(log_b t) transmissions, where b is a parameter that enables trades between energy efficiency and security. Extensions of this protocol that exploit network topology side information and which permit multilevel security are also described. A cryptosystem employing an energy-efficient PKA and the protocols presented herein could provide the benefits of public key cryptography, i.e., dynamic ad hoc network support, with features currently found only in symmetric systems.