A new McEliece-type cryptosystem using Gabidulin-Kronecker product codes

This paper presents a new McEliece-type cryptosystem using Gabidulin-Kronecker product codes in the rank metric. The contributions of this paper are as follows. Firstly, we propose a new Gabidulin-Kronecker product code which is a kind of block circulant code, and give an efficient decoding algorith...

Full description

Saved in:
Bibliographic Details
Published in:Theoretical computer science Vol. 994; p. 114480
Main Authors: Sun, Zhe, Zhuang, Jincheng, Zhou, Zimeng, Fu, Fang-Wei
Format: Journal Article
Language:English
Published: Elsevier B.V 01.05.2024
Subjects:
Code-based cryptography
Gabidulin-Kronecker product codes
IND-CCA2
McEliece-type cryptosystem
Rank metric
Code-based cryptography
IND-CCA2
McEliece-type cryptosystem
Rank metric
Gabidulin-Kronecker product codes
ISSN:0304-3975, 1879-2294
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Abstract This paper presents a new McEliece-type cryptosystem using Gabidulin-Kronecker product codes in the rank metric. The contributions of this paper are as follows. Firstly, we propose a new Gabidulin-Kronecker product code which is a kind of block circulant code, and give an efficient decoding algorithm. Secondly, we design a one-way secure public key encryption scheme based on the Gabidulin-Kronecker product codes. Thirdly, we obtain an IND-CCA2 secure public key encryption scheme by converting our one-way secure public key encryption scheme under the hardness assumption of the RSD Dual Problem. In terms of efficiency, our scheme has a smaller public key size by taking advantage of the block circulant structure. For 128-bit security, the public key size of our proposal is 13% of Lau-Tan's cryptosystem (in the rank metric), and 19% of BIKE (in the Hamming metric). In terms of security, our scheme can resist Overbeck attack, Coggia-Couvreur attack and Sendrier attack.
AbstractList This paper presents a new McEliece-type cryptosystem using Gabidulin-Kronecker product codes in the rank metric. The contributions of this paper are as follows. Firstly, we propose a new Gabidulin-Kronecker product code which is a kind of block circulant code, and give an efficient decoding algorithm. Secondly, we design a one-way secure public key encryption scheme based on the Gabidulin-Kronecker product codes. Thirdly, we obtain an IND-CCA2 secure public key encryption scheme by converting our one-way secure public key encryption scheme under the hardness assumption of the RSD Dual Problem. In terms of efficiency, our scheme has a smaller public key size by taking advantage of the block circulant structure. For 128-bit security, the public key size of our proposal is 13% of Lau-Tan's cryptosystem (in the rank metric), and 19% of BIKE (in the Hamming metric). In terms of security, our scheme can resist Overbeck attack, Coggia-Couvreur attack and Sendrier attack.
ArticleNumber 114480
Author Zhuang, Jincheng
Sun, Zhe
Zhou, Zimeng
Fu, Fang-Wei
Author_xml – sequence: 1
  givenname: Zhe
  orcidid: 0000-0002-3932-7903
  surname: Sun
  fullname: Sun, Zhe
  email: zhe_sun@mail.nankai.edu.cn
  organization: Chern Institute of Mathematics and LPMC, Nankai University, Tianjin, 300071, China
– sequence: 2
  givenname: Jincheng
  surname: Zhuang
  fullname: Zhuang, Jincheng
  email: jchzhuang@gmail.com
  organization: Quan Cheng Laboratory, Jinan, 250103, China
– sequence: 3
  givenname: Zimeng
  surname: Zhou
  fullname: Zhou, Zimeng
  email: zhouzimeng@sdu.edu.cn
  organization: Quan Cheng Laboratory, Jinan, 250103, China
– sequence: 4
  givenname: Fang-Wei
  orcidid: 0000-0002-9696-8977
  surname: Fu
  fullname: Fu, Fang-Wei
  email: fwfu@nankai.edu.cn
  organization: Chern Institute of Mathematics and LPMC, Nankai University, Tianjin, 300071, China
BookMark eNp9kEFOwzAQRS1UJNrCAdj5Agm26ySOWFVVaRFFbGBtxeMxcmmTyHZBuT2pyprZzGze_K83I5O2a5GQe85yznj5sM8TxFwwIXPOpVTsiky5qupMiFpOyJQtmMwWdVXckFmMezZOUZVTsl3SFn_oK6wPHgGzNPRIIQx96uIQEx7pKfr2k24a4-3p4NvsJYzJ8IWB9qGzJ0gUOovxlly75hDx7m_PycfT-n21zXZvm-fVcpeBkHXKKlkDU8ZwVynLGyYbgPF2KKyojADnTFUypbBWzjSFbbg0IMoCJDjrDC7mhF_-QuhiDOh0H_yxCYPmTJ9V6L0eVeizCn1RMTKPFwbHYt8eg47gsQW0PiAkbTv_D_0LVgJqpQ
Cites_doi 10.1007/s10623-012-9659-5
10.1007/s10623-019-00659-0
10.1007/s10623-017-0343-7
10.1016/S0166-218X(02)00446-8
10.3934/amc.2017042
10.1007/BF01390769
10.1109/TIT.2003.820038
10.1007/s00145-014-9187-8
10.1007/s10623-020-00781-4
10.1007/s10623-017-0402-0
10.1007/s11786-009-0015-8
10.1007/s10623-014-9967-z
10.1007/s10623-017-0434-5
10.1109/TIT.2016.2616127
10.1007/s002000050104
10.1023/A:1020369320078
10.1109/TIT.2015.2511786
10.1137/100782929
10.1109/TIT.1978.1055873
10.1007/s00145-007-9003-9
10.1007/s10623-021-00972-7
ContentType Journal Article
Copyright 2024 Elsevier B.V.
Copyright_xml – notice: 2024 Elsevier B.V.
DBID AAYXX
CITATION
DOI 10.1016/j.tcs.2024.114480
DatabaseName CrossRef
DatabaseTitle CrossRef
DatabaseTitleList
DeliveryMethod fulltext_linktorsrc
Discipline Mathematics
Computer Science
EISSN 1879-2294
ExternalDocumentID 10_1016_j_tcs_2024_114480
S0304397524000951
GrantInformation_xml – fundername: Nankai Zhide Foundation
  funderid: https://doi.org/10.13039/501100018769
– fundername: National Key Research and Development Program of China
  grantid: 2018YFA0704703; 2022YFA1005000
  funderid: https://doi.org/10.13039/501100012166
– fundername: Key Laboratory of Dependable Service Computing in Cyber Physical Society, China
  grantid: CPSDSC202208
– fundername: Taishan Scholars Program
  grantid: tsqn202306315
– fundername: Natural Science Foundation of Tianjin
  grantid: 20JCZDJC00610
  funderid: https://doi.org/10.13039/501100006606
– fundername: National Natural Science Foundation of China
  grantid: 12141108; 61971243; 12226336; 62102230
  funderid: https://doi.org/10.13039/501100001809
– fundername: Fundamental Research Funds for the Central Universities of China
  funderid: https://doi.org/10.13039/501100012226
– fundername: Shandong Provincial Natural Science Foundation
  grantid: ZR2021QF019
  funderid: https://doi.org/10.13039/501100007129
GroupedDBID --K
--M
-~X
.DC
.~1
0R~
123
1B1
1RT
1~.
1~5
4.4
457
4G.
5VS
7-5
71M
8P~
9JN
AABNK
AACTN
AAEDW
AAFTH
AAIAV
AAIKJ
AAKOC
AALRI
AAOAW
AAQFI
AAXUO
AAYFN
ABAOU
ABBOA
ABJNI
ABMAC
ABYKQ
ACAZW
ACDAQ
ACGFS
ACRLP
ACZNC
ADBBV
ADEZE
AEBSH
AEKER
AENEX
AFKWA
AFTJW
AGUBO
AGYEJ
AHHHB
AHZHX
AIALX
AIEXJ
AIKHN
AITUG
AJOXV
AKRWK
ALMA_UNASSIGNED_HOLDINGS
AMFUW
AMRAJ
AOUOD
ARUGR
AXJTR
BKOJK
BLXMC
CS3
DU5
EBS
EFJIC
EO8
EO9
EP2
EP3
F5P
FDB
FEDTE
FIRID
FNPLU
FYGXN
G-Q
GBLVA
GBOLZ
HVGLF
IHE
IXB
J1W
KOM
MHUIS
MO0
N9A
O-L
O9-
OAUVE
OK1
OZT
P-8
P-9
P2P
PC.
Q38
RIG
ROL
RPZ
SCC
SDF
SDG
SES
SEW
SPC
SPCBC
SSV
SSW
T5K
TN5
WH7
YNT
ZMT
~G-
29Q
9DU
AAEDT
AAQXK
AATTM
AAXKI
AAYWO
AAYXX
ABDPE
ABEFU
ABFNM
ABWVN
ABXDB
ACLOT
ACNNM
ACRPL
ACVFH
ADCNI
ADMUD
ADNMO
ADVLN
AEIPS
AEUPX
AEXQZ
AFJKZ
AFPUW
AGHFR
AGQPQ
AIGII
AIIUN
AKBMS
AKYEP
ANKPU
APXCP
ASPBG
AVWKF
AZFZN
CITATION
EFKBS
EFLBG
EJD
FGOYB
G-2
HZ~
LG9
M26
M41
R2-
SSZ
TAE
WUQ
ZY4
~HD
ID FETCH-LOGICAL-c249t-749c08bb1f78d1a04acc1f7fe2d27b2cffb76088e98fba5da14bc265c4cfdfbe3
ISICitedReferencesCount 2
ISICitedReferencesURI http://www.webofscience.com/api/gateway?GWVersion=2&SrcApp=Summon&SrcAuth=ProQuest&DestLinkType=CitingArticles&DestApp=WOS_CPL&KeyUT=001216333100001&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D
ISSN 0304-3975
IngestDate Sat Nov 29 07:23:34 EST 2025
Sat Apr 06 16:23:51 EDT 2024
IsPeerReviewed true
IsScholarly true
Keywords Code-based cryptography
IND-CCA2
McEliece-type cryptosystem
Rank metric
Gabidulin-Kronecker product codes
Language English
LinkModel OpenURL
MergedId FETCHMERGED-LOGICAL-c249t-749c08bb1f78d1a04acc1f7fe2d27b2cffb76088e98fba5da14bc265c4cfdfbe3
ORCID 0000-0002-3932-7903
0000-0002-9696-8977
ParticipantIDs crossref_primary_10_1016_j_tcs_2024_114480
elsevier_sciencedirect_doi_10_1016_j_tcs_2024_114480
PublicationCentury 2000
PublicationDate 2024-05-01
2024-05-00
PublicationDateYYYYMMDD 2024-05-01
PublicationDate_xml – month: 05
  year: 2024
  text: 2024-05-01
  day: 01
PublicationDecade 2020
PublicationTitle Theoretical computer science
PublicationYear 2024
Publisher Elsevier B.V
Publisher_xml – name: Elsevier B.V
References Lau, Tan (br0220) 2019; 87
Naor, Yung (br0240) 1989
Wachter-Zeh, Afanassiev, Sidorenko (br0360) 2013; 66
Horlemann-Trautmann, Marshall, Rosenthal (br0550) 2018; 86
Coggia, Couvreur (br0200) 2020; 88
Berger, Loidreau (br0530) 2004; vol. 3348
Berger, Ourivski (br0510) 2004
Kiltz, Pietrzak, Stam (br0290) 2009; vol. 5479
Galvez, Kim, Kim (br0320) 2017
Bellare, Rogaway (br0260) 1993
Ling, Xing (br0340) 2004
Guo, Fu (br0580) 2022
Bellare, Rogaway (br0540) 1994; vol. 950
Canetti, Halevi, Katz (br0280) 2004; vol. 3027
Overbeck (br0170) 2005; vol. 3715
Kobara, Imai (br0310) 2001; vol. 1992
Niederreiter (br0020) 1986; 15
Otmani, Kalachi, Ndjeya (br0560) 2018; 86
Gabidulin, Paramonov, Tretjakov (br0100) 1991; vol. 547
Ghatak (br0210) 2022; 90
Lindell (br0230) 2003; vol. 2656
Gabidulin (br0060) 1985; 21
Overbeck (br0180) 2008; 21
Gibson (br0130) 1996; vol. 1070
Kim, Galvez, Kim, Lee (br0090) 2018
Bardet, Briaud, Bros, Gaborit, Neiger, Ruatta, Tillich (br0490) 2020; vol. 12107
Loidreau (br0570) 2021
Gaborit, Zèmor (br0110) 2016; 62
Bardet, Bros, Cabarcas, Gaborit (br0500) 2020; vol. 12491
Couvreur, Otmani, Tillich, Gauthier-Umana (br0050) 2015; vol. 55
Gaborit, Ruatta, chrek (br0080) 2014; vol. 8469
Gaborit, Otmani, Kalachi (br0390) 2018; 86
Gibson (br0120) 1995; 6
Couvreur, Gaborit, Otmani, Tillich (br0040) 2014; 73
Aragon, Barreto, Bettaieb (br0330) 2020
Baldi, Bianchi, Chiaraluce (br0030) 2016; 29
Berlekamp, McEliece, Tilborg (br0430) 1978; 24
Aragon, Gaborit, Hauteville, Tillich (br0460) 2018
Guo, Fu (br0420) 2022
Loidreau (br0190) 2017; vol. 10346
Fujisaki, Okamoto (br0270) 2000; 83
Gabidulin, Ourivski (br0140) 2003; 128
Gabidulin, Ourivski, Honary (br0150) 2003; 49
Sahai (br0250) 1999
Gaborit, Ruatta, Schrek (br0450) 2016; 62
MacWilliams, Sloane (br0520) 1977
Lidl, Niederreiter (br0410) 1997
Puchinger, Renner, Wachter-Zeh (br0070) 2018
Horlemann-Trautmann, Marshall (br0350) 2015; 11
Overbeck (br0160) 2005; vol. 3969
Rosen, Segev (br0300) 2010; 39
Chou, Cid, UiB (br0600) 2020
Otmani, Tillich, Dallot (br0400) 2010; 3
Sendrier (br0590) 1998; 9
Levy-dit-Vehel, Perret (br0470) 2006
Ourivski, Johansson (br0440) 2002; 38
McEliece (br0010) 1978
Richter, Plass (br0380) 2004
Faugère, dit Vehel, Perret (br0480) 2008; vol. 5157
Melchor, Aragon, Bettaieb (br0610) 2020
Loidreau (br0370) 2005
Ghatak (10.1016/j.tcs.2024.114480_br0210) 2022; 90
Gibson (10.1016/j.tcs.2024.114480_br0120) 1995; 6
Kim (10.1016/j.tcs.2024.114480_br0090) 2018
Galvez (10.1016/j.tcs.2024.114480_br0320) 2017
Ourivski (10.1016/j.tcs.2024.114480_br0440) 2002; 38
Loidreau (10.1016/j.tcs.2024.114480_br0570)
McEliece (10.1016/j.tcs.2024.114480_br0010) 1978
Overbeck (10.1016/j.tcs.2024.114480_br0170) 2005; vol. 3715
Berlekamp (10.1016/j.tcs.2024.114480_br0430) 1978; 24
Canetti (10.1016/j.tcs.2024.114480_br0280) 2004; vol. 3027
Rosen (10.1016/j.tcs.2024.114480_br0300) 2010; 39
Horlemann-Trautmann (10.1016/j.tcs.2024.114480_br0350) 2015; 11
Ling (10.1016/j.tcs.2024.114480_br0340) 2004
Gaborit (10.1016/j.tcs.2024.114480_br0080) 2014; vol. 8469
Aragon (10.1016/j.tcs.2024.114480_br0460) 2018
Levy-dit-Vehel (10.1016/j.tcs.2024.114480_br0470) 2006
Berger (10.1016/j.tcs.2024.114480_br0530) 2004; vol. 3348
Overbeck (10.1016/j.tcs.2024.114480_br0160) 2005; vol. 3969
Gaborit (10.1016/j.tcs.2024.114480_br0450) 2016; 62
MacWilliams (10.1016/j.tcs.2024.114480_br0520) 1977
Coggia (10.1016/j.tcs.2024.114480_br0200) 2020; 88
Lidl (10.1016/j.tcs.2024.114480_br0410) 1997
Sahai (10.1016/j.tcs.2024.114480_br0250) 1999
Naor (10.1016/j.tcs.2024.114480_br0240) 1989
Wachter-Zeh (10.1016/j.tcs.2024.114480_br0360) 2013; 66
Chou (10.1016/j.tcs.2024.114480_br0600) 2020
Sendrier (10.1016/j.tcs.2024.114480_br0590) 1998; 9
Faugère (10.1016/j.tcs.2024.114480_br0480) 2008; vol. 5157
Fujisaki (10.1016/j.tcs.2024.114480_br0270) 2000; 83
Baldi (10.1016/j.tcs.2024.114480_br0030) 2016; 29
Otmani (10.1016/j.tcs.2024.114480_br0400) 2010; 3
Bellare (10.1016/j.tcs.2024.114480_br0540) 1994; vol. 950
Otmani (10.1016/j.tcs.2024.114480_br0560) 2018; 86
Guo (10.1016/j.tcs.2024.114480_br0580) 2022
Gaborit (10.1016/j.tcs.2024.114480_br0110) 2016; 62
Gabidulin (10.1016/j.tcs.2024.114480_br0150) 2003; 49
Puchinger (10.1016/j.tcs.2024.114480_br0070)
Horlemann-Trautmann (10.1016/j.tcs.2024.114480_br0550) 2018; 86
Overbeck (10.1016/j.tcs.2024.114480_br0180) 2008; 21
Lindell (10.1016/j.tcs.2024.114480_br0230) 2003; vol. 2656
Gabidulin (10.1016/j.tcs.2024.114480_br0100) 1991; vol. 547
Couvreur (10.1016/j.tcs.2024.114480_br0050) 2015; vol. 55
Gabidulin (10.1016/j.tcs.2024.114480_br0140) 2003; 128
Kobara (10.1016/j.tcs.2024.114480_br0310) 2001; vol. 1992
Gibson (10.1016/j.tcs.2024.114480_br0130) 1996; vol. 1070
Kiltz (10.1016/j.tcs.2024.114480_br0290) 2009; vol. 5479
Niederreiter (10.1016/j.tcs.2024.114480_br0020) 1986; 15
Bardet (10.1016/j.tcs.2024.114480_br0490) 2020; vol. 12107
Bellare (10.1016/j.tcs.2024.114480_br0260) 1993
Couvreur (10.1016/j.tcs.2024.114480_br0040) 2014; 73
Aragon (10.1016/j.tcs.2024.114480_br0330) 2020
Loidreau (10.1016/j.tcs.2024.114480_br0370) 2005
Gabidulin (10.1016/j.tcs.2024.114480_br0060) 1985; 21
Guo (10.1016/j.tcs.2024.114480_br0420) 2022
Loidreau (10.1016/j.tcs.2024.114480_br0190) 2017; vol. 10346
Melchor (10.1016/j.tcs.2024.114480_br0610) 2020
Richter (10.1016/j.tcs.2024.114480_br0380) 2004
Bardet (10.1016/j.tcs.2024.114480_br0500) 2020; vol. 12491
Lau (10.1016/j.tcs.2024.114480_br0220) 2019; 87
Berger (10.1016/j.tcs.2024.114480_br0510) 2004
Gaborit (10.1016/j.tcs.2024.114480_br0390) 2018; 86
References_xml – volume: vol. 8469
  start-page: 1
  year: 2014
  end-page: 12
  ident: br0080
  article-title: New results for rank-based cryptography
  publication-title: Proceedings of Progress in Cryptology–AFRICACRYPT 2014
– volume: vol. 12491
  start-page: 507
  year: 2020
  end-page: 536
  ident: br0500
  article-title: Improvements of algebraic attacks for solving the rank decoding and MinRank problems
  publication-title: Proceedings of ASIACRYPT 2020
– year: 2020
  ident: br0600
  article-title: Classic McEliece: conservative code-based cryptography
  publication-title: NIST Post-Quantum Cryptography Project, Third Round Candidate Algorithms, 2020
– volume: 62
  start-page: 1006
  year: 2016
  end-page: 1019
  ident: br0450
  article-title: On the complexity of the rank syndrome decoding problem
  publication-title: IEEE Trans. Inf. Theory
– volume: 90
  start-page: 215
  year: 2022
  end-page: 238
  ident: br0210
  article-title: Extending Coggia–Couvreur attack on Loidreau's rank-metric cryptosystem
  publication-title: Des. Codes Cryptogr.
– volume: 39
  start-page: 3058
  year: 2010
  end-page: 3088
  ident: br0300
  article-title: Chosen-ciphertext security via correlated products
  publication-title: SIAM J. Comput.
– start-page: 40
  year: 2004
  end-page: 47
  ident: br0510
  article-title: Construction of new MDS codes from Gabidulin codes
  publication-title: Proceedings of ACCT 2009
– year: 2004
  ident: br0340
  article-title: Coding Theory: A First Course
– start-page: 2421
  year: 2018
  end-page: 2425
  ident: br0460
  article-title: A new algorithm for solving the rank syndrome decoding problem
  publication-title: 2018 IEEE International Symposium on Information Theory (ISIT)
– start-page: 1
  year: 2022
  end-page: 19
  ident: br0580
  article-title: Two modifications for Loidreau's code-based cryptosystem
  publication-title: Appl. Algebra Eng. Commun. Comput.
– year: 1977
  ident: br0520
  article-title: The Theory of Error-Correcting Codes
– volume: 24
  start-page: 384
  year: 1978
  end-page: 386
  ident: br0430
  article-title: On the inherent intractability of certain coding problems
  publication-title: IEEE Trans. Inf. Theory
– volume: 38
  start-page: 237
  year: 2002
  end-page: 246
  ident: br0440
  article-title: New technique for decoding codes in the rank metric and its cryptography applications
  publication-title: Probl. Inf. Transm.
– volume: 29
  start-page: 1
  year: 2016
  end-page: 27
  ident: br0030
  article-title: Enhanced public key security for the McEliece cryptosystem
  publication-title: J. Cryptol.
– start-page: 108
  year: 2022
  end-page: 126
  ident: br0420
  article-title: McEliece-type encryption based on Gabidulin codes with no hidden structure
  publication-title: Inscrypt 2022
– volume: 88
  start-page: 1941
  year: 2020
  end-page: 1957
  ident: br0200
  article-title: On the security of a Loidreau rank metric code based encryption scheme
  publication-title: Des. Codes Cryptogr.
– volume: 86
  start-page: 1983
  year: 2018
  end-page: 1996
  ident: br0560
  article-title: Improved cryptanalysis of rank metric schemes based on Gabidulin codes
  publication-title: Des. Codes Cryptogr.
– start-page: 36
  year: 2005
  end-page: 45
  ident: br0370
  article-title: A Welch–Berlekamp like algorithm for decoding Gabidulin codes
  publication-title: International Workshop on Coding and Cryptography, vol. 3969
– volume: 128
  start-page: 207
  year: 2003
  end-page: 221
  ident: br0140
  article-title: Column scrambler for the GPT cryptosystem
  publication-title: Discrete Appl. Math.
– volume: 21
  start-page: 280
  year: 2008
  end-page: 301
  ident: br0180
  article-title: Structural attacks for public key cryptosystems based on Gabidulin codes
  publication-title: J. Cryptol.
– volume: vol. 1070
  start-page: 212
  year: 1996
  end-page: 223
  ident: br0130
  article-title: The security of the Gabidulin public key cryptosystem
  publication-title: Proceedings of EUROCRYPT 1996
– volume: 66
  start-page: 57
  year: 2013
  end-page: 73
  ident: br0360
  article-title: Fast decoding of Gabidulin codes
  publication-title: Des. Codes Cryptogr.
– volume: 3
  start-page: 129
  year: 2010
  end-page: 140
  ident: br0400
  article-title: Cryptanalysis of two McEliece cryptosystems based on quasi-cyclic codes
  publication-title: Math. Comput. Sci.
– volume: vol. 55
  start-page: 175
  year: 2015
  end-page: 193
  ident: br0050
  article-title: A polynomial-time attack on the BBCRS cryptosystem
  publication-title: Proceedings of Public-Key Cryptography (PKC) 2015
– volume: 73
  start-page: 641
  year: 2014
  end-page: 666
  ident: br0040
  article-title: Distinguisher-based attacks on public-key cryptosystems using Reed–Solomon codes
  publication-title: Des. Codes Cryptogr.
– year: 2018
  ident: br0070
  article-title: Twisted Gabidulin codes in the GPT cryptosystem
– volume: 9
  start-page: 221
  year: 1998
  end-page: 242
  ident: br0590
  article-title: On the concatenated structure of a linear code
  publication-title: Appl. Algebra Eng. Commun. Comput.
– volume: vol. 3027
  start-page: 207
  year: 2004
  end-page: 222
  ident: br0280
  article-title: Chosen-ciphertext security from identity-based encryption
  publication-title: Proceedings of EUROCRYPT 2004
– start-page: 114
  year: 1978
  end-page: 116
  ident: br0010
  article-title: A public-key cryptosystem based on algebraic coding theory
– year: 2020
  ident: br0330
  article-title: BIKE: bit flipping key encapsulation
  publication-title: NIST Post-Quantum Cryptography Project, Third Round Candidate Algorithms, 2020
– volume: vol. 3969
  start-page: 178
  year: 2005
  end-page: 188
  ident: br0160
  article-title: Extending Gibson's attacks on the GPT cryptosystem
  publication-title: Proceedings of WCC 2005
– year: 2020
  ident: br0610
  article-title: Hamming quasi-cyclic (HQC)
  publication-title: NIST Post-Quantum Cryptography Project, Third Round Candidate Algorithms, 2020
– volume: vol. 5479
  start-page: 590
  year: 2009
  end-page: 609
  ident: br0290
  article-title: A new randomness extraction paradigm for hybrid encryption
  publication-title: Proceedings of EUROCRYPT 2009
– volume: vol. 3715
  start-page: 50
  year: 2005
  end-page: 63
  ident: br0170
  article-title: A new structural attack for GPT and variants
  publication-title: Progress in Cryptology - Mycrypt 2005
– volume: 87
  start-page: 2979
  year: 2019
  end-page: 2999
  ident: br0220
  article-title: New rank codes based encryption scheme using partial circulant matrices
  publication-title: Des. Codes Cryptogr.
– volume: vol. 12107
  start-page: 64
  year: 2020
  end-page: 93
  ident: br0490
  article-title: An algebraic attack on rank metric code-based cryptosystems
  publication-title: Proceedings of EUROCRYPT 2020
– volume: 15
  start-page: 157
  year: 1986
  end-page: 166
  ident: br0020
  article-title: Knapsack-type cryptosystems and algebraic coding theory
  publication-title: Probl. Control Inf. Theory
– year: 2017
  ident: br0320
  article-title: McNie: compact McEliece-Niederreiter cryptosystem
  publication-title: NIST Post-Quantum Cryptography Project, First Round Candidate Algorithms 2017
– volume: vol. 10346
  start-page: 3
  year: 2017
  end-page: 17
  ident: br0190
  article-title: A new rank metric codes based encryption scheme
  publication-title: Proceedings of PQCrypto 2017
– year: 2021
  ident: br0570
  article-title: Analysis of a rank metric codes based encryption scheme
– volume: vol. 5157
  start-page: 280
  year: 2008
  end-page: 296
  ident: br0480
  article-title: Cryptanalysis of MinRank
  publication-title: Proceedings of CRYPTO 2008
– volume: vol. 3348
  start-page: 218
  year: 2004
  end-page: 229
  ident: br0530
  article-title: Designing an efficient and secure public-key cryptosystem based on reducible rank codes
  publication-title: Progress in Cryptology-INDOCRYPT 2004
– volume: 86
  start-page: 319
  year: 2018
  end-page: 340
  ident: br0550
  article-title: Extension of Overbeck's attack for Gabidulin-based cryptosystems
  publication-title: Des. Codes Cryptogr.
– volume: vol. 2656
  start-page: 241
  year: 2003
  end-page: 254
  ident: br0230
  article-title: A simpler construction of CCA2-secure public-key encryption under general assumptions
  publication-title: Proceedings of EUROCRYPT 2003
– start-page: 142
  year: 2006
  end-page: 152
  ident: br0470
  article-title: Algebraic decoding of rank metric codes
  publication-title: Proceedings of YACC 2006
– start-page: 33
  year: 1989
  end-page: 43
  ident: br0240
  article-title: Universal one-way hash functions and their cryptographic applications
  publication-title: Proceedings of the Twenty-First Annual ACM Symposium on Theory of Computing
– start-page: 62
  year: 1993
  end-page: 73
  ident: br0260
  article-title: Random oracles are practical: a paradigm for designing efficient protocols
  publication-title: Proceedings of the 1st ACM Conference on Computer and Communications Security
– year: 1997
  ident: br0410
  article-title: Finite Fields, vol. 20
– volume: 6
  start-page: 37
  year: 1995
  end-page: 45
  ident: br0120
  article-title: Severely denting the Gabidulin version of the McEliece public key cryptosystem
  publication-title: Des. Codes Cryptogr.
– volume: 49
  start-page: 3289
  year: 2003
  end-page: 3293
  ident: br0150
  article-title: Reducible rank codes and their applications to cryptography
  publication-title: IEEE Trans. Inf. Theory
– volume: vol. 547
  start-page: 482
  year: 1991
  end-page: 489
  ident: br0100
  article-title: Ideals over a non-commutative ring and their application in cryptology
  publication-title: Proceedings of EUROCRYPT 1991
– volume: 62
  start-page: 7245
  year: 2016
  end-page: 7252
  ident: br0110
  article-title: On the hardness of the decoding and the minimum distance problems for rank codes
  publication-title: IEEE Trans. Inf. Theory
– volume: 83
  start-page: 24
  year: 2000
  end-page: 32
  ident: br0270
  article-title: How to enhance the security of public-key encryption at minimum cost
  publication-title: IEICE Trans. Fundam. Electron. Commun. Comput. Sci.
– start-page: 543
  year: 1999
  end-page: 553
  ident: br0250
  article-title: Non-malleable non-interactive zero knowledge and adaptive chosen-ciphertext security
  publication-title: 40th Annual Symposium on Foundations of Computer Science
– volume: 21
  start-page: 3
  year: 1985
  end-page: 16
  ident: br0060
  article-title: Theory of codes with maximum rank distance
  publication-title: Probl. Pereda. Inf.
– volume: vol. 950
  start-page: 92
  year: 1994
  end-page: 111
  ident: br0540
  article-title: Optimal asymmetric encryption
  publication-title: Proceedings of EUROCRYPT 1994
– volume: 11
  start-page: 533
  year: 2015
  end-page: 548
  ident: br0350
  article-title: New criteria for MRD and Gabidulin codes and some rank-metric code constructions
  publication-title: Adv. Math. Commun.
– start-page: 25
  year: 2018
  end-page: 33
  ident: br0090
  article-title: A new LRPC-Kronecker product codes based public-key cryptography
  publication-title: Proceedings of the 5th ACM on ASIA Public-Key Cryptography Workshop
– volume: 86
  start-page: 1391
  year: 2018
  end-page: 1403
  ident: br0390
  article-title: Polynomial-time key recovery attack on the Faure-Loidreau scheme based on Gabidulin codes
  publication-title: Des. Codes Cryptogr.
– volume: vol. 1992
  start-page: 19
  year: 2001
  end-page: 35
  ident: br0310
  article-title: Semantically secure McEliece public-key cryptosystems-conversions for McEliece PKC
  publication-title: Proceedings of Public Key Cryptosystems (PKC) 2001
– start-page: 203
  year: 2004
  end-page: 210
  ident: br0380
  article-title: Error and erasure decoding of rank-codes with a modified Berlekamp-Massey algorithm
  publication-title: ITG FACHBERICHT
– volume: vol. 5479
  start-page: 590
  year: 2009
  ident: 10.1016/j.tcs.2024.114480_br0290
  article-title: A new randomness extraction paradigm for hybrid encryption
– volume: 66
  start-page: 57
  issue: 1–3
  year: 2013
  ident: 10.1016/j.tcs.2024.114480_br0360
  article-title: Fast decoding of Gabidulin codes
  publication-title: Des. Codes Cryptogr.
  doi: 10.1007/s10623-012-9659-5
– volume: 87
  start-page: 2979
  issue: 12
  year: 2019
  ident: 10.1016/j.tcs.2024.114480_br0220
  article-title: New rank codes based encryption scheme using partial circulant matrices
  publication-title: Des. Codes Cryptogr.
  doi: 10.1007/s10623-019-00659-0
– volume: vol. 950
  start-page: 92
  year: 1994
  ident: 10.1016/j.tcs.2024.114480_br0540
  article-title: Optimal asymmetric encryption
– volume: vol. 1992
  start-page: 19
  year: 2001
  ident: 10.1016/j.tcs.2024.114480_br0310
  article-title: Semantically secure McEliece public-key cryptosystems-conversions for McEliece PKC
– volume: 86
  start-page: 319
  issue: 2
  year: 2018
  ident: 10.1016/j.tcs.2024.114480_br0550
  article-title: Extension of Overbeck's attack for Gabidulin-based cryptosystems
  publication-title: Des. Codes Cryptogr.
  doi: 10.1007/s10623-017-0343-7
– volume: vol. 8469
  start-page: 1
  year: 2014
  ident: 10.1016/j.tcs.2024.114480_br0080
  article-title: New results for rank-based cryptography
– year: 1977
  ident: 10.1016/j.tcs.2024.114480_br0520
– start-page: 62
  year: 1993
  ident: 10.1016/j.tcs.2024.114480_br0260
  article-title: Random oracles are practical: a paradigm for designing efficient protocols
– volume: vol. 3969
  start-page: 178
  year: 2005
  ident: 10.1016/j.tcs.2024.114480_br0160
  article-title: Extending Gibson's attacks on the GPT cryptosystem
– start-page: 36
  year: 2005
  ident: 10.1016/j.tcs.2024.114480_br0370
  article-title: A Welch–Berlekamp like algorithm for decoding Gabidulin codes
– year: 2020
  ident: 10.1016/j.tcs.2024.114480_br0610
  article-title: Hamming quasi-cyclic (HQC)
– start-page: 1
  year: 2022
  ident: 10.1016/j.tcs.2024.114480_br0580
  article-title: Two modifications for Loidreau's code-based cryptosystem
  publication-title: Appl. Algebra Eng. Commun. Comput.
– volume: vol. 12491
  start-page: 507
  year: 2020
  ident: 10.1016/j.tcs.2024.114480_br0500
  article-title: Improvements of algebraic attacks for solving the rank decoding and MinRank problems
– start-page: 33
  year: 1989
  ident: 10.1016/j.tcs.2024.114480_br0240
  article-title: Universal one-way hash functions and their cryptographic applications
– ident: 10.1016/j.tcs.2024.114480_br0570
– volume: 128
  start-page: 207
  issue: 1
  year: 2003
  ident: 10.1016/j.tcs.2024.114480_br0140
  article-title: Column scrambler for the GPT cryptosystem
  publication-title: Discrete Appl. Math.
  doi: 10.1016/S0166-218X(02)00446-8
– volume: 11
  start-page: 533
  issue: 3
  year: 2015
  ident: 10.1016/j.tcs.2024.114480_br0350
  article-title: New criteria for MRD and Gabidulin codes and some rank-metric code constructions
  publication-title: Adv. Math. Commun.
  doi: 10.3934/amc.2017042
– start-page: 142
  year: 2006
  ident: 10.1016/j.tcs.2024.114480_br0470
  article-title: Algebraic decoding of rank metric codes
– volume: 6
  start-page: 37
  issue: 1
  year: 1995
  ident: 10.1016/j.tcs.2024.114480_br0120
  article-title: Severely denting the Gabidulin version of the McEliece public key cryptosystem
  publication-title: Des. Codes Cryptogr.
  doi: 10.1007/BF01390769
– volume: vol. 2656
  start-page: 241
  year: 2003
  ident: 10.1016/j.tcs.2024.114480_br0230
  article-title: A simpler construction of CCA2-secure public-key encryption under general assumptions
– start-page: 25
  year: 2018
  ident: 10.1016/j.tcs.2024.114480_br0090
  article-title: A new LRPC-Kronecker product codes based public-key cryptography
– volume: vol. 3348
  start-page: 218
  year: 2004
  ident: 10.1016/j.tcs.2024.114480_br0530
  article-title: Designing an efficient and secure public-key cryptosystem based on reducible rank codes
– year: 1997
  ident: 10.1016/j.tcs.2024.114480_br0410
– volume: 49
  start-page: 3289
  issue: 12
  year: 2003
  ident: 10.1016/j.tcs.2024.114480_br0150
  article-title: Reducible rank codes and their applications to cryptography
  publication-title: IEEE Trans. Inf. Theory
  doi: 10.1109/TIT.2003.820038
– volume: vol. 10346
  start-page: 3
  year: 2017
  ident: 10.1016/j.tcs.2024.114480_br0190
  article-title: A new rank metric codes based encryption scheme
– start-page: 203
  year: 2004
  ident: 10.1016/j.tcs.2024.114480_br0380
  article-title: Error and erasure decoding of rank-codes with a modified Berlekamp-Massey algorithm
– volume: vol. 1070
  start-page: 212
  year: 1996
  ident: 10.1016/j.tcs.2024.114480_br0130
  article-title: The security of the Gabidulin public key cryptosystem
– volume: vol. 3027
  start-page: 207
  year: 2004
  ident: 10.1016/j.tcs.2024.114480_br0280
  article-title: Chosen-ciphertext security from identity-based encryption
– start-page: 543
  year: 1999
  ident: 10.1016/j.tcs.2024.114480_br0250
  article-title: Non-malleable non-interactive zero knowledge and adaptive chosen-ciphertext security
– volume: 29
  start-page: 1
  issue: 1
  year: 2016
  ident: 10.1016/j.tcs.2024.114480_br0030
  article-title: Enhanced public key security for the McEliece cryptosystem
  publication-title: J. Cryptol.
  doi: 10.1007/s00145-014-9187-8
– volume: 88
  start-page: 1941
  issue: 9
  year: 2020
  ident: 10.1016/j.tcs.2024.114480_br0200
  article-title: On the security of a Loidreau rank metric code based encryption scheme
  publication-title: Des. Codes Cryptogr.
  doi: 10.1007/s10623-020-00781-4
– year: 2004
  ident: 10.1016/j.tcs.2024.114480_br0340
– start-page: 2421
  year: 2018
  ident: 10.1016/j.tcs.2024.114480_br0460
  article-title: A new algorithm for solving the rank syndrome decoding problem
– volume: vol. 547
  start-page: 482
  year: 1991
  ident: 10.1016/j.tcs.2024.114480_br0100
  article-title: Ideals over a non-commutative ring and their application in cryptology
– volume: 15
  start-page: 157
  issue: 2
  year: 1986
  ident: 10.1016/j.tcs.2024.114480_br0020
  article-title: Knapsack-type cryptosystems and algebraic coding theory
  publication-title: Probl. Control Inf. Theory
– volume: 86
  start-page: 1391
  issue: 7
  year: 2018
  ident: 10.1016/j.tcs.2024.114480_br0390
  article-title: Polynomial-time key recovery attack on the Faure-Loidreau scheme based on Gabidulin codes
  publication-title: Des. Codes Cryptogr.
  doi: 10.1007/s10623-017-0402-0
– ident: 10.1016/j.tcs.2024.114480_br0070
– volume: vol. 5157
  start-page: 280
  year: 2008
  ident: 10.1016/j.tcs.2024.114480_br0480
  article-title: Cryptanalysis of MinRank
– volume: vol. 3715
  start-page: 50
  year: 2005
  ident: 10.1016/j.tcs.2024.114480_br0170
  article-title: A new structural attack for GPT and variants
– volume: 3
  start-page: 129
  year: 2010
  ident: 10.1016/j.tcs.2024.114480_br0400
  article-title: Cryptanalysis of two McEliece cryptosystems based on quasi-cyclic codes
  publication-title: Math. Comput. Sci.
  doi: 10.1007/s11786-009-0015-8
– year: 2017
  ident: 10.1016/j.tcs.2024.114480_br0320
  article-title: McNie: compact McEliece-Niederreiter cryptosystem
– volume: 73
  start-page: 641
  issue: 2
  year: 2014
  ident: 10.1016/j.tcs.2024.114480_br0040
  article-title: Distinguisher-based attacks on public-key cryptosystems using Reed–Solomon codes
  publication-title: Des. Codes Cryptogr.
  doi: 10.1007/s10623-014-9967-z
– volume: 86
  start-page: 1983
  issue: 9
  year: 2018
  ident: 10.1016/j.tcs.2024.114480_br0560
  article-title: Improved cryptanalysis of rank metric schemes based on Gabidulin codes
  publication-title: Des. Codes Cryptogr.
  doi: 10.1007/s10623-017-0434-5
– start-page: 114
  year: 1978
  ident: 10.1016/j.tcs.2024.114480_br0010
– volume: vol. 55
  start-page: 175
  year: 2015
  ident: 10.1016/j.tcs.2024.114480_br0050
  article-title: A polynomial-time attack on the BBCRS cryptosystem
– start-page: 108
  year: 2022
  ident: 10.1016/j.tcs.2024.114480_br0420
  article-title: McEliece-type encryption based on Gabidulin codes with no hidden structure
– volume: 62
  start-page: 7245
  issue: 12
  year: 2016
  ident: 10.1016/j.tcs.2024.114480_br0110
  article-title: On the hardness of the decoding and the minimum distance problems for rank codes
  publication-title: IEEE Trans. Inf. Theory
  doi: 10.1109/TIT.2016.2616127
– year: 2020
  ident: 10.1016/j.tcs.2024.114480_br0330
  article-title: BIKE: bit flipping key encapsulation
– volume: vol. 12107
  start-page: 64
  year: 2020
  ident: 10.1016/j.tcs.2024.114480_br0490
  article-title: An algebraic attack on rank metric code-based cryptosystems
– start-page: 40
  year: 2004
  ident: 10.1016/j.tcs.2024.114480_br0510
  article-title: Construction of new MDS codes from Gabidulin codes
– volume: 9
  start-page: 221
  issue: 3
  year: 1998
  ident: 10.1016/j.tcs.2024.114480_br0590
  article-title: On the concatenated structure of a linear code
  publication-title: Appl. Algebra Eng. Commun. Comput.
  doi: 10.1007/s002000050104
– volume: 38
  start-page: 237
  issue: 3
  year: 2002
  ident: 10.1016/j.tcs.2024.114480_br0440
  article-title: New technique for decoding codes in the rank metric and its cryptography applications
  publication-title: Probl. Inf. Transm.
  doi: 10.1023/A:1020369320078
– year: 2020
  ident: 10.1016/j.tcs.2024.114480_br0600
  article-title: Classic McEliece: conservative code-based cryptography
– volume: 62
  start-page: 1006
  issue: 2
  year: 2016
  ident: 10.1016/j.tcs.2024.114480_br0450
  article-title: On the complexity of the rank syndrome decoding problem
  publication-title: IEEE Trans. Inf. Theory
  doi: 10.1109/TIT.2015.2511786
– volume: 83
  start-page: 24
  issue: 1
  year: 2000
  ident: 10.1016/j.tcs.2024.114480_br0270
  article-title: How to enhance the security of public-key encryption at minimum cost
  publication-title: IEICE Trans. Fundam. Electron. Commun. Comput. Sci.
– volume: 39
  start-page: 3058
  issue: 7
  year: 2010
  ident: 10.1016/j.tcs.2024.114480_br0300
  article-title: Chosen-ciphertext security via correlated products
  publication-title: SIAM J. Comput.
  doi: 10.1137/100782929
– volume: 24
  start-page: 384
  issue: 3
  year: 1978
  ident: 10.1016/j.tcs.2024.114480_br0430
  article-title: On the inherent intractability of certain coding problems
  publication-title: IEEE Trans. Inf. Theory
  doi: 10.1109/TIT.1978.1055873
– volume: 21
  start-page: 280
  issue: 2
  year: 2008
  ident: 10.1016/j.tcs.2024.114480_br0180
  article-title: Structural attacks for public key cryptosystems based on Gabidulin codes
  publication-title: J. Cryptol.
  doi: 10.1007/s00145-007-9003-9
– volume: 90
  start-page: 215
  issue: 1
  year: 2022
  ident: 10.1016/j.tcs.2024.114480_br0210
  article-title: Extending Coggia–Couvreur attack on Loidreau's rank-metric cryptosystem
  publication-title: Des. Codes Cryptogr.
  doi: 10.1007/s10623-021-00972-7
– volume: 21
  start-page: 3
  issue: 1
  year: 1985
  ident: 10.1016/j.tcs.2024.114480_br0060
  article-title: Theory of codes with maximum rank distance
  publication-title: Probl. Pereda. Inf.
SSID ssj0000576
Score 2.4228451
Snippet This paper presents a new McEliece-type cryptosystem using Gabidulin-Kronecker product codes in the rank metric. The contributions of this paper are as...
SourceID crossref
elsevier
SourceType Index Database
Publisher
StartPage 114480
SubjectTerms Code-based cryptography
Gabidulin-Kronecker product codes
IND-CCA2
McEliece-type cryptosystem
Rank metric
Title A new McEliece-type cryptosystem using Gabidulin-Kronecker product codes
URI https://dx.doi.org/10.1016/j.tcs.2024.114480
Volume 994
WOSCitedRecordID wos001216333100001&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D
hasFullText 1
inHoldings 1
isFullTextHit
isPrint
journalDatabaseRights – providerCode: PRVESC
  databaseName: Elsevier SD Freedom Collection Journals 2021
  customDbUrl:
  eissn: 1879-2294
  dateEnd: 99991231
  omitProxy: false
  ssIdentifier: ssj0000576
  issn: 0304-3975
  databaseCode: AIEXJ
  dateStart: 20211212
  isFulltext: true
  titleUrlDefault: https://www.sciencedirect.com
  providerName: Elsevier
link http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwtV3Nb9MwFLeg4wCHAQPExod84ESVqXWdxj5WaN0YMCFRoNolip9tLTukVZui7b_f80fa7AMJkLhE6WsdR-_9aj-_T0LeaTDagnVeXTNMuO5x_M-xQQIiRXUEpFa-At-Pz9nJiZhO5dcYP7_07QSyqhIXF3L-X0WNNBS2S539C3GvH4oEvEeh4xXFjtc_EvzIdQnvOjtbacAk3sYKi8t5PQtVm7srbx44LFSpXRh68mkxq4yLrnDBWq78a9fluS_bauukle4IsQ9EN26eG7eSX8BOz9aU07NVtEYflxWCI26S_pvZyv_Y9RZYU8eeNsYxyU9Ttu0RjG-i_4KR7FaiTEjOcg4YGZqk7Juw1opMJoyFHsfNYizDx1sLe7AxnO_X4GqsM-5qHPPQA-pGvexvbi43lYuOdQrkfbLFslSKDtkafTyYHm826jQLruz4bo3T24f_3ZjobrWlpYpMnpDteIagoyD7p-SeqXbI46Y_B43L9Q559GVdk3f5jByNKAKDXgMGbQODemDQO4BBIzCoB8Zz8n18MPlwlMQ-Ggng4bpOMi6hJ5Tq20zoftHjBQDeW8M0yxQDa1U2xN3GSGFVkeqizxWwYQocrLbKDF6QToUTviQ0ZQrPrJIDA8kHQkuj3aOEEHjOtjLdJe8bNuXzUC4lb-IIz3Pkae54mgee7hLeMDKPkA16XI5S__2wvX8b9oo83MD1NenUi5V5Qx7Ar7pcLt5GbFwB9m96ig
linkProvider Elsevier
openUrl ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.atitle=A+new+McEliece-type+cryptosystem+using+Gabidulin-Kronecker+product+codes&rft.jtitle=Theoretical+computer+science&rft.au=Sun%2C+Zhe&rft.au=Zhuang%2C+Jincheng&rft.au=Zhou%2C+Zimeng&rft.au=Fu%2C+Fang-Wei&rft.date=2024-05-01&rft.pub=Elsevier+B.V&rft.issn=0304-3975&rft.eissn=1879-2294&rft.volume=994&rft_id=info:doi/10.1016%2Fj.tcs.2024.114480&rft.externalDocID=S0304397524000951
thumbnail_l http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/lc.gif&issn=0304-3975&client=summon
thumbnail_m http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/mc.gif&issn=0304-3975&client=summon
thumbnail_s http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/sc.gif&issn=0304-3975&client=summon