Canal-U

Search results

Number of programs found: 17755
UNT label, video course (6m21s)

4.2. Support Splitting Algorithm

This session will be about the support splitting algorithm. For the q-ary case, there are three different notions of equivalence. The general one: two codes of length n are semi-linear equivalent if they are equal up to a fixed linear map. Each linear map is the composition of a permutation, a scalar multiplication, which could vary for each coordinate, and a field automorphism. But for this session, we consider a more restrictive definition, which coincides with the general case for binary linear codes. Two codes are permutation-equivalent if they are ...
UNT label, video course (5m19s)

4.3. Distinguisher for GRS codes

In this session we will see that generalized Reed-Solomon codes behave differently than random codes with respect to the star operation. Thus we can define a distinguisher for Generalized Reed-Solomon codes. Let us recall the definition of Generalized Reed-Solomon codes. We will need an n-tuple of mutually distinct elements of Fq. We need a vector b which is an n-tuple of nonzero elements of Fq. We need to define the vector space of all polynomials of degree at most k and we also need to define an evaluation map. Then the ...
UNT label, video course (3m57s)

4.4. Attack against subcodes of GRS codes

In this session, we will talk about using subcodes of a Generalized Reed–Solomon code for the McEliece Cryptosystem. Recall that to avoid the attack of Sidelnikov and Shestakov, Berger and Loidreau proposed to replace Generalized Reed–Solomon codes by some random subcodes of small codimension. However, this proposal was broken by Wieschebrink in 2006 using square code considerations. The idea of the attack is very simple. The public key is a subcode of large dimension, otherwise a generic attack could be applied. And we also know the error-correcting capacity ...
UNT label, video course (5m32s)

4.5. Error-Correcting Pairs

We present in this session a general decoding method for linear codes. And we will see it in an example. Let C be a generalized Reed-Solomon code of dimension k associated to the pair (c, d). Then, its dual is again a generalized Reed-Solomon code with the same locator and another column multiplier we will denote by d^ (d dual). Now, consider the codes A and B. These codes have not been chosen at random. First, notice that the star product of these two codes is the dual of C. Suppose that these codes ...
UNT label, video course (5m28s)

4.6. Attack against GRS codes

In this session we will discuss the proposal of using generalized Reed-Solomon codes for the McEliece cryptosystem. As we have already said, generalized Reed-Solomon codes were proposed in 1986 by Niederreiter. Recall that these codes are MDS, that is, they attain the maximum error correcting capacity which is interpreted as shorter keys for the same level of security. Moreover, these codes have efficient decoding algorithms so they are suitable candidates for code-based cryptography. But this proposal is subject to a polynomial attack by Sidelnikov-Shestakov. Take notice that if we know ...
UNT label, video course (5m48s)

4.7. Attack against Reed-Muller codes

In this session, we will introduce an attack against binary Reed-Muller codes. Reed-Muller codes were introduced by Muller in 1954 and, later, Reed provided the first efficient decoding algorithm for these codes. Reed-Muller codes are just a generalization of generalized Reed-Solomon codes. Generalized Reed-Solomon codes are evaluations of univariate polynomials, and Reed-Muller codes are evaluations of multivariate polynomials. We will study binary Reed-Muller codes. The binary Reed-Muller code consists of the set of codewords obtained by evaluating all the Boolean functions of degree r with m variables. Thus, the block length of ...
UNT label, video course (6m46s)

4.8. Attack against Algebraic Geometry codes

In this session, we will present an attack against Algebraic Geometry codes (AG codes). An Algebraic Geometry code is determined by a triple. First of all, an algebraic curve of genus g, then an n-tuple of rational points and then a divisor which has disjoint support from the n-tuple P. Then, the Algebraic Geometry code is obtained by evaluating at P all functions that belong to the vector space associated to the divisor E. One property of these codes is that they are nearly optimal, that is, their designed minimum distance is nearly the optimal ...
UNT label, video course (4m4s)

4.9. Goppa codes still resist

All the results that we have seen this week don't mean that code-based cryptography is broken. So in this session we will see that Goppa codes still resist all these attacks. So recall that it is assumed that Goppa codes are pseudorandom, that is, there exists no efficient distinguisher for Goppa codes. An efficient distinguisher was built for the case of high rate codes, where the rate is very close to 1, but no generalization of this distinguisher is known. The best known attacks are based on the ...
UNT label, video course (4m33s)

5.1. Code-Based Digital Signatures

Welcome to the last week of this MOOC on code-based cryptography. This week, we will be discussing other cryptographic constructions relying on coding theory. We have seen how to do public key encryption and now we will see other kinds of constructions. In this first sequence, we'll be having a look at digital signatures and how to design code-based digital signatures. So, what is a digital signature? A digital signature is meant to replace a paper signature on a digital document. Exactly like a paper signature, only one person should be able to ...
UNT label, video course (4m22s)

5.2. The Courtois-Finiasz-Sendrier (CFS) Construction

In this session, I am going to present the Courtois-Finiasz-Sendrier Construction of a code-based digital signature. In the previous session, we have seen that it is impossible to hash a document into decodable syndromes. But it is possible to hash onto the space of all syndromes. The document is not always decodable. And we are going to see two techniques to work around this problem. The first technique is to add a counter to the document. This way, we hash both the counter and the document and obtain a hash which is tied to both the document and the ...
