On the Security of Subspace Subcodes of Reed-Solomon Codes for Public Key Encryption
This article discusses the security of McEliece-like encryption schemes using subspace subcodes of Reed-Solomon codes, i.e. subcodes of Reed-Solomon codes over <inline-formula> <tex-math notation="LaTeX">{\mathbb {F}_{q^{m}}} </tex-math></inline-formula> whose entri...
Saved in:
Published in | IEEE transactions on information theory Vol. 68; no. 1; pp. 632 - 648 |
---|---|
Main Authors | , |
Format | Journal Article |
Language | English |
Published |
New York
IEEE
01.01.2022
The Institute of Electrical and Electronics Engineers, Inc. (IEEE) Institute of Electrical and Electronics Engineers |
Subjects | |
Online Access | Get full text |
Cover
Loading…
Summary: | This article discusses the security of McEliece-like encryption schemes using subspace subcodes of Reed-Solomon codes, i.e. subcodes of Reed-Solomon codes over <inline-formula> <tex-math notation="LaTeX">{\mathbb {F}_{q^{m}}} </tex-math></inline-formula> whose entries lie in a fixed collection of <inline-formula> <tex-math notation="LaTeX">{\mathbb {F}_{q}} </tex-math></inline-formula>-subspaces of <inline-formula> <tex-math notation="LaTeX">{\mathbb {F}_{q^{m}}} </tex-math></inline-formula>. These codes appear to be a natural generalisation of Goppa and alternant codes and provide a broader flexibility in designing code based encryption schemes. For the security analysis, we introduce a new operation on codes called the twisted product which yields a polynomial time distinguisher on such subspace subcodes as soon as the chosen <inline-formula> <tex-math notation="LaTeX">{\mathbb {F}_{q}} </tex-math></inline-formula>-subspaces have dimension larger than <inline-formula> <tex-math notation="LaTeX">m/2 </tex-math></inline-formula>. From this distinguisher, we build an efficient attack which in particular breaks some parameters of a recent proposal due to Khathuria, Rosenthal and Weger. |
---|---|
ISSN: | 0018-9448 1557-9654 |
DOI: | 10.1109/TIT.2021.3120440 |