Description
We present an improved algorithm for finding low-weight multiples of polynomials over the binary field using coding heoretic methods. The associated code defined by the given olynomial has a cyclic structure, allowing an algorithm to earch for shifts of the sought minimum-weight odeword. Therefore, a code with higher dimension is onstructed, having a larger number of low-weight codewords nd through some additional processing also reduced minimum istance. Applying an algorithm for finding low-weight odewords in the constructed code yields a lower complexity or finding low-weight polynomial multiples compared to revious approaches. As an application, we show a key-recovery ttack against TCHo that has a lower complexity than the hosen security level indicate. Using similar ideas we also present a new probabilistic algorithm for finding a multiple of weight 4, which is faster than previous approaches. For example, this is relevant in correlation attacks on stream ciphers.
Prochains exposés
-
Séminaire C2 à INRIA Paris
Emmanuel Thomé et Pierrick Gaudry Rachelle Heim Boissier Épiphane Nouetowa Dung Bui Plus d'infos sur https://seminaire-c2.inria.fr/ -
Attacking the Supersingular Isogeny Problem: From the Delfs–Galbraith algorithm to oriented graphs
Orateur : Arthur Herlédan Le Merdy - COSIC, KU Leuven
The threat of quantum computers motivates the introduction of new hard problems for cryptography.One promising candidate is the Isogeny problem: given two elliptic curves, compute a “nice’’ map between them, called an isogeny.In this talk, we study classical attacks on this problem, specialised to supersingular elliptic curves, on which the security of current isogeny-based cryptography relies. In[…]-
Cryptography
-