## Inria

Inria est un organisme public de recherche, dédié aux sciences et technologies du numérique.

Pour vous abonner au podcast de **Inria**, cliquez sur l’icône de votre lecteur favori :

### Liste des programmes

In this session, we will
talk about using subcodes of a Generalized Reed–Solomon code
for the McEliece Cryptosystem. Recall that to avoid the
attack of Sidelnikov and Shestakov, Berger and
Loidreau proposed to replace Generalized Reed–Solomon
codes by some random subcodes of small codimension.
However, this attack has been broken by Wieschebrink in 2006
using square code ...

We present in this session a
general decoding method for linear codes. And we will see it in an example. Let C be a generalized
Reed-Solomon code of dimension k associated to the pair (c, d). Then, its dual is again a
generalized Reed-Solomon code with the same locator
and another column multiplier we ...

In this session we will
discuss the proposal of using generalized Reed-Solomon codes
for the McEliece cryptosystem. As we have already said,
generalized Reed-Solomon codes were proposed in
1986 by Niederreiter. Recall that these codes are
MDS, that is, they attain the maximum error correcting
capacity which is interpreted as shorter keys for the
same level of ...

In this session, we will
introduce an attack against binary Reed-Muller codes. Reed-Muller codes were
introduced by Muller in 1954 and, later, Reed provided the
first efficient decoding algorithm for these codes. Reed-Muller are just a
generalization of generalized Reed-Solomon codes. Generalized Reed-Solomon
codes are evaluation of univariate polynomials,
and Reed-Muller codes are evaluation of
multivariate polynomials. ...

In this session, we will present an
attack against Algebraic Geometry codes (AG codes). Algebraic Geometry codes
is determined by a triple. First of all, an
algebraic curve of genus g, then a n-tuple of rational points
and then a divisor which has disjoint support from the n-tuple P. Then, the Algebraic
Geometry code is ...

All the results that we
have seen this week doesn't mean that code based
cryptography is broken. So in this session we will
see that Goppa code still resists to all these attacks. So recall that it is
assumed that Goppa codes are pseudorandom, that is
there exist no efficient distinguisher for Goppa
code. An ...

Welcome to the last
week of this MOOC on code-based cryptography. This week, we will be
discussing other cryptographic constructions
relying on coding theory. We have seen how to do
public key encryption and now we will see other kind of constructions. This first sequence we'll
be having a look at digital signatures and how ...

In this session, I am
going to present the Courtois-Finiasz-Sendrier
Construction of a code-based digital signature. In the previous session,
we have seen that it is impossible to hash a
document into decodable syndromes. But it is possible to hash
onto the space of all syndromes. The document is not always decodable. And we are going to see two
techniques to ...

In this session, we will
have a look at the attacks against the CFS signature scheme. As for public-key
encryption, there are two kinds of attacks against signature schemes. First kind of attack is
key recovery attacks where an attacker tries to
recover the secret key from the knowledge of the public
key. These attacks ...

In this session, I will
present a variant of the CFS signature scheme called
parallel-CFS. We start from a simple question: what
happens if you try to use two different hash functions and
compute two different CFS signatures? For the signer, you simply
take twice as much computation because you have to
do two signatures. And ...