Code-based cryptosystems are promising candidates for post-quantum cryptography since they are fast, require only basic arithmetic because their security is well understood. The increasing number of cryptographic schemes based on codes over fields other than F2 presents, however, security issues that are not relevant in the case of binary codes; the security of such constructions, therefore, requires separate assessment. Information set decoding (ISD) is one of the most important generic attacks against code-based cryptosystems. We give lower bounds for ISD over Fq, thereby anticipating future software and hardware improvements. Our results allow to compute conservative parameters for cryptographic applications. While most security proofs assume that an attacker does not have any additional information about the secret, we show that in certain scenarios an attacker can gain partial knowledge of the secret. We present how this knowledge can be used to improve the efficiency of an attack and give new bounds for the complexity of such an attack. In this paper, we analyse two types of partial knowledge including concrete scenarios and give an idea how to prevent the leakage of such knowledge to an attacker.
On lower bounds for information set decoding over Fq and on the effect of partial knowledge / Niebuhr, Robert; Persichetti, Edoardo; Louis Cayrel, Pierre; Bulygin, Stanislav; Buchmann, Johannes. - In: INTERNATIONAL JOURNAL OF INFORMATION AND CODING THEORY. - ISSN 1753-7703. - 4:1(2017), p. 47. [10.1504/ijicot.2017.081458]
On lower bounds for information set decoding over Fq and on the effect of partial knowledge
Edoardo Persichetti;
2017
Abstract
Code-based cryptosystems are promising candidates for post-quantum cryptography since they are fast, require only basic arithmetic because their security is well understood. The increasing number of cryptographic schemes based on codes over fields other than F2 presents, however, security issues that are not relevant in the case of binary codes; the security of such constructions, therefore, requires separate assessment. Information set decoding (ISD) is one of the most important generic attacks against code-based cryptosystems. We give lower bounds for ISD over Fq, thereby anticipating future software and hardware improvements. Our results allow to compute conservative parameters for cryptographic applications. While most security proofs assume that an attacker does not have any additional information about the secret, we show that in certain scenarios an attacker can gain partial knowledge of the secret. We present how this knowledge can be used to improve the efficiency of an attack and give new bounds for the complexity of such an attack. In this paper, we analyse two types of partial knowledge including concrete scenarios and give an idea how to prevent the leakage of such knowledge to an attacker.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
