Skip to Main content Skip to Navigation

On the Complexity of the Rank Syndrome Decoding Problem

Philippe Gaborit 1 Olivier Ruatta 1 Julien Schreck 2, 3
2 Lab-STICC_TB_CID_SFIIS
Lab-STICC - Laboratoire des sciences et techniques de l'information, de la communication et de la connaissance
Abstract : In this paper, we propose two new generic attacks on the rank syndrome decoding (RSD) problem. Let C be a random [n, k] rank code over GF(qm) and let y = x + e be a received word, such that x ∈ C and rank(e) = r. The first attack, the support attack, is combinatorial and permits to recover an error e of rank weight r in min(O((n - k)3m3qr1(km/n)J, O((n - k)3m3q⌈(r-1)I(((k+1)m)/n)J))⌉ operations on GF(q). This new attack improves the exponent for the best generic attack for the RSD problem in the case n > m, by introducing the ratio m/n in the exponential coefficient of the previously best known attacks. The second attack, the annulator polynomial attack, is an algebraic attack based on the theory of q-polynomials introduced by Ore. We propose a new algebraic setting for the RSD problem that permits to consider equations and unknowns in the extension field GF(qm) rather than in GF(q) as it is usually the case. We consider two approaches to solve the problem in this new setting. The linearization technique shows that if n ≥ (k + 1) (r + 1) - 1 the RSD problem can be solved in polynomial time. More generally, we prove that if [(((r + 1)(k + 1)- (n + 1))/r)1 ≤ k, the RSD problem can be solved with an average complexity of O(r3k3qrΓ(((r+1)(k+1)-(n+1))/r)l)⌉ operations in the base field GF(q). We also consider solving with Gröbner bases for which we discuss theoretical complexity, we also consider hybrid solving with Gröbner bases on practical parameters. As an example of application, we use our new attacks on all recent cryptosystems parameters, which repair the GPT cryptosystem, we break all examples of published proposed parameters, and some parameters are broken in less than 1 s in certain cases.
Document type :
Journal articles
Complete list of metadatas

https://hal.archives-ouvertes.fr/hal-01280904
Contributor : Julien Schrek <>
Submitted on : Tuesday, March 1, 2016 - 1:05:05 PM
Last modification on : Thursday, December 19, 2019 - 1:11:48 AM

Links full text

Identifiers

Citation

Philippe Gaborit, Olivier Ruatta, Julien Schreck. On the Complexity of the Rank Syndrome Decoding Problem . IEEE Transactions on Information Theory, Institute of Electrical and Electronics Engineers, 2016, IEEE Transactions on Information Theory 62 (2), pp.1006/1019. ⟨10.1109/TIT.2015.2511786⟩. ⟨hal-01280904⟩

Share

Metrics

Record views

280