Journal articles

On the Complexity of the Rank Syndrome Decoding Problem

Philippe Gaborit 1 Olivier Ruatta 1 Julien Schreck 2, 3
Lab-STICC - Laboratoire des sciences et techniques de l'information, de la communication et de la connaissance
Abstract : In this paper, we propose two new generic attacks on the rank syndrome decoding (RSD) problem. Let C be a random [n, k] rank code over $GF(q^m)$ and let y = x + e be a received word, such that x ∈ C and rank(e) = r. The first attack, the support attack, is combinatorial and permits to recover an error e of rank weight r in $\min\left(O\left((n-k)^3 m^3 q^{r\lfloor km/n \rfloor}\right),\ O\left((n-k)^3 m^3 q^{(r-1)\lfloor (k+1)m/n \rfloor}\right)\right)$ operations on GF(q). This new attack improves the exponent for the best generic attack for the RSD problem in the case n > m, by introducing the ratio m/n in the exponential coefficient of the previously best known attacks. The second attack, the annulator polynomial attack, is an algebraic attack based on the theory of q-polynomials introduced by Ore. We propose a new algebraic setting for the RSD problem that permits to consider equations and unknowns in the extension field $GF(q^m)$ rather than in GF(q) as it is usually the case. We consider two approaches to solve the problem in this new setting. The linearization technique shows that if n ≥ (k + 1)(r + 1) - 1 the RSD problem can be solved in polynomial time. More generally, we prove that if $\lceil ((r+1)(k+1)-(n+1))/r \rceil \le k$, the RSD problem can be solved with an average complexity of $O\left(r^3 k^3 q^{r\lceil ((r+1)(k+1)-(n+1))/r \rceil}\right)$ operations in the base field GF(q). We also consider solving with Gröbner bases for which we discuss theoretical complexity, we also consider hybrid solving with Gröbner bases on practical parameters. As an example of application, we use our new attacks on all recent cryptosystems parameters, which repair the GPT cryptosystem, we break all examples of published proposed parameters, and some parameters are broken in less than 1 s in certain cases.
Document type :
Journal articles
Contributor : Julien Schrek
Submitted on : Tuesday, March 1, 2016 - 1:05:05 PM
Last modification on : Wednesday, December 22, 2021 - 11:58:08 AM




Philippe Gaborit, Olivier Ruatta, Julien Schreck. On the Complexity of the Rank Syndrome Decoding Problem. IEEE Transactions on Information Theory, Institute of Electrical and Electronics Engineers, 2016, IEEE Transactions on Information Theory, 62 (2), pp. 1006-1019. ⟨10.1109/TIT.2015.2511786⟩. ⟨hal-01280904⟩


