Description
Many code-based cryptosystems have been proposed recently, especially in response to the call for post-quantum cryptography standardization issued by the National Institute of Standards and Technologie. Most code-based cryptosystem rely on the same idea: an error-correcting code with some special structural properties (including good error-correction capacity) serves as the private key. This code is transformed and displayed in a form that is (supposedly) indistinguishable from a random code: this serves as the public key. However, in some cases, one can distinguish the public key from a random code. We will present such a distinguisher, the "squared code distinguisher", and how this can be used to perform key recovery attacks in polynomial time on some cryptosystems such as the RLCE scheme [Wang 2016] or the Expanded Reed-Solomon scheme [Khathuria, Rosenthal, Weger 2019].<br/> lien: http://desktop.visio.renater.fr/scopia?ID=723838***5009&autojoin
Next sessions
-
Polytopes in the Fiat-Shamir with Aborts Paradigm
Speaker : Hugo Beguinet - ENS Paris / Thales
The Fiat-Shamir with Aborts paradigm (FSwA) uses rejection sampling to remove a secret’s dependency on a given source distribution. Recent results revealed that unlike the uniform distribution in the hypercube, both the continuous Gaussian and the uniform distribution within the hypersphere minimise the rejection rate and the size of the proof of knowledge. However, in practice both these[…]-
Cryptography
-
Asymmetric primitive
-
Mode and protocol
-
-
Post-quantum Group-based Cryptography
Speaker : Delaram Kahrobaei - The City University of New York