Results 1 
7 of
7
DistinguisherBased Attacks on PublicKey Cryptosystems Using ReedSolomon Codes
 Center at the University of Bergen, Norway and Inria
, 2013
"... Abstract. The purpose of this paper is to demonstrate that a distinguisher of ReedSolomon codes based on the square code construction leads to the cryptanalysis of several cryptosystems relying on them. These schemes are respectively (i) a homomorphic encryption scheme proposed by Bogdanov and Lee; ..."
Abstract

Cited by 10 (3 self)
 Add to MetaCart
Abstract. The purpose of this paper is to demonstrate that a distinguisher of ReedSolomon codes based on the square code construction leads to the cryptanalysis of several cryptosystems relying on them. These schemes are respectively (i) a homomorphic encryption scheme proposed by Bogdanov and Lee; (ii) a variation of the McEliece cryptosystem proposed by Baldi et al. which firstly uses ReedSolomon codes instead of Goppa codes and secondly, adds a rank 1 matrix to the permutation matrix; (iii) Wieschebrink’s variant of the McEliece cryptosystem which consists in concatenating a few random columns to a generator matrix of a secretly chosen generalized ReedSolomon code. 1
Polynomial time attack on wild McEliece over quadratic extensions
, 2014
"... Abstract. We present a polynomial time structural attack against the McEliece system based on Wild Goppa codes from a quadratic finite field extension. This attack uses the fact that such codes can be distinguished from random codes to compute some filtration, that is to say a family of nested subco ..."
Abstract

Cited by 9 (2 self)
 Add to MetaCart
(Show Context)
Abstract. We present a polynomial time structural attack against the McEliece system based on Wild Goppa codes from a quadratic finite field extension. This attack uses the fact that such codes can be distinguished from random codes to compute some filtration, that is to say a family of nested subcodes which will reveal their secret algebraic description.
A distinguisherbased attack on a variant of McEliece’s cryptosystem based on ReedSolomon codes
, 2012
"... ar ..."
Author manuscript, published in "WCC 13 International Workshop on Coding and Cryptography, Bergen: Norway (2013)" DistinguisherBased Attacks on PublicKey Cryptosystems Using ReedSolomon Codes
, 2013
"... Abstract. The purpose of this paper is to demonstrate that a distinguisher of ReedSolomon codes based on the square code construction leads to the cryptanalysis of several cryptosystems relying on them. These schemes are respectively (i) a homomorphic encryption scheme proposed by Bogdanov and Lee; ..."
Abstract
 Add to MetaCart
Abstract. The purpose of this paper is to demonstrate that a distinguisher of ReedSolomon codes based on the square code construction leads to the cryptanalysis of several cryptosystems relying on them. These schemes are respectively (i) a homomorphic encryption scheme proposed by Bogdanov and Lee; (ii) a variation of the McEliece cryptosystem proposed by Baldi et al. which firstly uses ReedSolomon codes instead of Goppa codes and secondly, adds a rank 1 matrix to the permutation matrix; (iii) Wieschebrink’s variant of the McEliece cryptosystem which consists in concatenating a few random columns to a generator matrix of a secretly chosen generalized ReedSolomon code. 1
DistinguisherBased Attacks on PublicKey Cryptosystems Using ReedSolomon Codes
, 2014
"... ar ..."
Computational Aspects of Retrieving a Representation of an Algebraic Geometry Code (Extended abstract)
"... Abstract. Codebased cryptography is an interesting alternative to classic numbertheory PKC since it is conjectured to be secure against quantum computer attacks. Many families of codes have been proposed for these cryptosystems such as algebraic geometry codes. In a previous paper [9] we showed ..."
Abstract
 Add to MetaCart
(Show Context)
Abstract. Codebased cryptography is an interesting alternative to classic numbertheory PKC since it is conjectured to be secure against quantum computer attacks. Many families of codes have been proposed for these cryptosystems such as algebraic geometry codes. In a previous paper [9] we showed that for so called very strong algebraic geometry codes C = CL(X,P, E) where X is an algebraic curve over Fq and P = (P1,..., Pn) is an ntuple of mutually distinct Fqrational points of X and E is a divisor of X with disjoint support from P it was shown that an equivalent representation C = CL(Y,Q, F) can be found. The ntuple of points are obtained directly from a generator matrix of C, where the columns are viewed as homogeneous coordinates of these points. The curve Y is given by I2(Y), the homogeneous elements of degree 2 of the vanishing ideal I(Y). Furthermore it was shown that I2(Y) can be computed in an efficient as the kernel of certain linear map. What was not shown was how to get the divisor F and a decoding algorithm in an efficient way. In this talk show some work in progress on the topics needed to be dealt towards an efficient computational approach to this problem.