Journal: Designs, Codes and Cryptography

LIGA: a cryptosystem based on the hardness of rank-metric list and interleaved decoding



Abstract

We propose the new rank-metric code-based cryptosystem LIGA, which is based on the hardness of list decoding and interleaved decoding of Gabidulin codes. LIGA is an improved variant of the Faure-Loidreau (FL) system, which was broken by a structural attack by Gaborit, Otmani, and Tale Kalachi (GOT, 2018). We keep the FL encryption and decryption algorithms but modify the insecure key generation algorithm. Our crucial observation is that the GOT attack is equivalent to decoding an interleaved Gabidulin code. The new key generation algorithm constructs public keys for which all polynomial-time interleaved decoders fail; hence LIGA resists the GOT attack. We also prove that the public-key encryption version of LIGA is IND-CPA secure in the standard model and that the key encapsulation mechanism (KEM) version is IND-CCA2 secure in the random oracle model, both under hardness assumptions on formally defined problems related to list decoding and interleaved decoding of Gabidulin codes. We propose and analyze various exponential-time attacks on these problems, calculate their work factors, and compare the resulting parameters to NIST proposals. The strengths of LIGA are short ciphertexts and (relatively) small keys. Further, LIGA guarantees correct decryption: it has no decryption failure rate. Its security does not rest on hiding the structure of a code. Since there are efficient constant-time algorithms for encoding and decoding Gabidulin codes, timing attacks on the encryption and decryption algorithms can easily be prevented.
