Efficient Encryption From Random Quasi-Cyclic Codes

Bibliographic Details
Published in: IEEE transactions on information theory Vol. 64; no. 5; pp. 3927 - 3943
Main Authors: Aguilar-Melchor, Carlos, Blazy, Olivier, Deneuville, Jean-Christophe, Gaborit, Philippe, Zemor, Gilles
Format: Journal Article
Language: English
Published: New York IEEE 01.05.2018
The Institute of Electrical and Electronics Engineers, Inc. (IEEE)
Institute of Electrical and Electronics Engineers
ISSN: 0018-9448, 1557-9654
Description
Summary: We propose a framework for constructing efficient code-based encryption schemes that do not hide any structure in their public matrix. The framework is in the spirit of the schemes first proposed by Alekhnovich in 2003 and based on the difficulty of decoding random linear codes from random errors of low weight. We depart somewhat from Alekhnovich's approach and propose an encryption scheme based on the difficulty of decoding random quasi-cyclic codes. We propose two new cryptosystems instantiated within our framework: the Hamming quasi-cyclic cryptosystem (HQC), based on the Hamming metric, and the rank quasi-cyclic cryptosystem (RQC), based on the rank metric. We give a security proof, which reduces the indistinguishability under chosen plaintext attack security of our systems to a decision version of the well-known problem of decoding random families of quasi-cyclic codes for the Hamming and rank metrics (the respective $\mathsf{QCSD}$ and $\mathsf{RQCSD}$ problems). We also provide an analysis of the decryption failure probability of our scheme in the Hamming metric case: for the rank metric there is no decryption failure. Our schemes benefit from a very fast decryption algorithm together with small key sizes of only a few thousand bits. The cryptosystems are very efficient for low encryption rates and are very well suited to key exchange and authentication. Asymptotically, for $\lambda$ the security parameter, the public key sizes are respectively in $\mathcal{O}(\lambda^{2})$ for HQC and in $\mathcal{O}\left(\lambda^{\frac{4}{3}}\right)$ for RQC. Practical parameters compare well to the systems based on ring-learning parity with noise or the recent moderate density parity check codes system.
DOI: 10.1109/TIT.2018.2804444