Polynomial reduction from syndrome decoding problem to regular decoding problem
Saved in:
| Title: | Polynomial reduction from syndrome decoding problem to regular decoding problem |
|---|---|
| Authors: | Zajac, Pavol |
| Contributors: | Slovak Technical University |
| Source: | Designs, Codes and Cryptography ; volume 93, issue 6, page 1777-1793 ; ISSN 0925-1022 1573-7586 |
| Publisher Information: | Springer Science and Business Media LLC |
| Publication Year: | 2025 |
| Description: | The regular decoding problem asks for (the existence of) regular solutions to a syndrome decoding problem (SDP). This problem has increased applications in post-quantum cryptography and cryptanalysis. Recently, Esser and Santini explored in depth the connection between the regular (RSD) and classical syndrome decoding problems. They have observed that while RSD to SDP reductions are known (in any parametric regime), a similar generic reduction from SDP to RSD is not known. In our contribution, we examine two different generic polynomial reductions from a syndrome decoding problem to a regular decoding problem instance. The first reduction is based on constructing a special parity check matrix that encodes weight counter progression inside the parity check matrix, which is then the input of the regular decoding oracle. The target regular decoding problem has a significantly longer code length, that depends linearly on the weight parameter of the original SDP. The second reduction is based on translating the SDP to a non-linear system of equations in the Multiple Right-Hand Sides form, and then applying RSD oracle to solve this system. The second reduction has better code length. The ratio between RSD and SDP code length of the second reduction can be bounded by a constant (less than 8). |
| Document Type: | article in journal/newspaper |
| Language: | English |
| DOI: | 10.1007/s10623-025-01567-2 |
| DOI: | 10.1007/s10623-025-01567-2.pdf |
| DOI: | 10.1007/s10623-025-01567-2/fulltext.html |
| Availability: | https://doi.org/10.1007/s10623-025-01567-2 https://link.springer.com/content/pdf/10.1007/s10623-025-01567-2.pdf https://link.springer.com/article/10.1007/s10623-025-01567-2/fulltext.html |
| Rights: | https://creativecommons.org/licenses/by/4.0 ; https://creativecommons.org/licenses/by/4.0 |
| Accession Number: | edsbas.1CD4B438 |
| Database: | BASE |
Nájsť tento článok vo Web of Science | Abstract: | The regular decoding problem asks for (the existence of) regular solutions to a syndrome decoding problem (SDP). This problem has increased applications in post-quantum cryptography and cryptanalysis. Recently, Esser and Santini explored in depth the connection between the regular (RSD) and classical syndrome decoding problems. They have observed that while RSD to SDP reductions are known (in any parametric regime), a similar generic reduction from SDP to RSD is not known. In our contribution, we examine two different generic polynomial reductions from a syndrome decoding problem to a regular decoding problem instance. The first reduction is based on constructing a special parity check matrix that encodes weight counter progression inside the parity check matrix, which is then the input of the regular decoding oracle. The target regular decoding problem has a significantly longer code length, that depends linearly on the weight parameter of the original SDP. The second reduction is based on translating the SDP to a non-linear system of equations in the Multiple Right-Hand Sides form, and then applying RSD oracle to solve this system. The second reduction has better code length. The ratio between RSD and SDP code length of the second reduction can be bounded by a constant (less than 8). |
|---|---|
| DOI: | 10.1007/s10623-025-01567-2 |