Description
The McEliece scheme is a generic framework allowing to use any error correcting code which disposes of an efficient decoding algorithm to design an encryption scheme by hiding a generator matrix of this code.
In the context of rank metric, we propose a generalization of the McEliece frame to matrix codes. From a vector code, we compute a matrix version of this code, that is hidden in such a way that the code obtained is indistinguishable from a random code. We propose to mask the linearity of the vector code on the extension, which implies a bigger public key (since the code is less structured) but allows to allows to keep a very small size of ciphertext. It results in an encryption scheme whose security relies on a generic instance of the MinRank problem, known to be NP-complete.
Applying it with Gabidulin codes, our approach gives a better trade-off between ciphertexts and public keys sizes than the classic McEliece scheme. For 128 bits of security, we propose parameters with ciphertext of size 65B and public key of size 98kB.
Travail en commun avec Nicolas Aragon, Alain Couvreur, Victor Dyseryn, Philippe Gaborit
Infos pratiques
Prochains exposés
-
MIKE: An efficient and compact NIKE Based on a Commutative Monoidal Action
Orateur : Jonathan Komada Eriksen - COSIC, KU Leuven
Robert recently described a powerful correspondence between certain (Hermitian) modules and (polarized) abelian varieties, which simultaneously generalizes both the class-group action underlying protocols such as CSIDH, and the Deuring correspondence, underlying protocols such as SQIsign. Using this correspondence, he also proposed how to construct a post-quantum NIKE, called MIKE, which, at a[…]-
Cryptography
-
-
TBA
Orateur : Anmoal Porwal - Technical University of Munich
-
Cryptography
-
Asymmetric primitive
-