Description
The McEliece scheme is a generic framework allowing to use any error correcting code which disposes of an efficient decoding algorithm to design an encryption scheme by hiding a generator matrix of this code.
In the context of rank metric, we propose a generalization of the McEliece frame to matrix codes. From a vector code, we compute a matrix version of this code, that is hidden in such a way that the code obtained is indistinguishable from a random code. We propose to mask the linearity of the vector code on the extension, which implies a bigger public key (since the code is less structured) but allows to allows to keep a very small size of ciphertext. It results in an encryption scheme whose security relies on a generic instance of the MinRank problem, known to be NP-complete.
Applying it with Gabidulin codes, our approach gives a better trade-off between ciphertexts and public keys sizes than the classic McEliece scheme. For 128 bits of security, we propose parameters with ciphertext of size 65B and public key of size 98kB.
Travail en commun avec Nicolas Aragon, Alain Couvreur, Victor Dyseryn, Philippe Gaborit
Infos pratiques
Prochains exposés
-
Polytopes in the Fiat-Shamir with Aborts Paradigm
Orateur : Hugo Beguinet - ENS Paris / Thales
The Fiat-Shamir with Aborts paradigm (FSwA) uses rejection sampling to remove a secret’s dependency on a given source distribution. Recent results revealed that unlike the uniform distribution in the hypercube, both the continuous Gaussian and the uniform distribution within the hypersphere minimise the rejection rate and the size of the proof of knowledge. However, in practice both these[…]-
Cryptographie
-
Primitive asymétrique
-
Mode et protocole
-
-
Post-quantum Group-based Cryptography
Orateur : Delaram Kahrobaei - The City University of New York