Vidéo pédagogique
Notice
Sous-titrage
Anglais
Langue :
Anglais
Crédits
Irene Marquez-Corbella (Intervention), Nicolas Sendrier (Intervention), Matthieu Finiasz (Intervention)
Conditions d'utilisation
Ces ressources de cours sont, sauf mention contraire, diffusées sous Licence Creative Commons. L’utilisateur doit mentionner le nom de l’auteur, il peut exploiter l’œuvre sauf dans un contexte commercial et il ne peut apporter de modifications à l’œuvre originale.
DOI : 10.60527/xwmq-ja20
Citer cette ressource :
Irene Marquez-Corbella, Nicolas Sendrier, Matthieu Finiasz. Inria. (2015, 5 mai). 3.6. Stern/Dumer Algorithm , in 3: Message Attacks (ISD). [Vidéo]. Canal-U. https://doi.org/10.60527/xwmq-ja20. (Consultée le 10 juin 2024)
logo Inria
Inria - Institut national de recherche en sciences et technologies du numérique
S'abonner
Contacter

3.6. Stern/Dumer Algorithm

Réalisation : 5 mai 2015 - Mise en ligne : 20 février 2017
  • document 1 document 2 document 3
  • niveau 1 niveau 2 niveau 3
Descriptif

In this session, we willpresent the Stern algorithm for decoding. In fact, the idea is to combine two algorithmsthat we have seen before, the Lee and Brickell algorithmand the Birthday Decoding.  So, instead of a fullGaussian elimination, we will simply have a partial Gaussianelimination as presented here. And if we look at the lowerpart, what is called step 1, in red here in thisslide, it is, in fact, a smaller CSD problem witha smaller matrix H', with a smaller target syndrome s' and with the weight p. So, now we are going tosolve this smaller problem in the first step. In fact, weare going to find all or most solutions to that problem e'. And for every e'foundin step 1, we will check in step 2 whetherthis particular solution e'can be extended to asolution of the full CSD problem. If we solve the firststep using enumeration, as I presented as the veryfirst algorithm, then we obtain an algorithm which is very similarto the Lee and Brickell algorithm. But, if we use for step 1a Birthday Decoding, then we obtain a significantspeedup for decoding and it is in fact the Dumer Algorithm. Now, I will describe this algorithm. So, we are trying to solve CSD of H, s, w and this time wehave two additional integer parameters p and l. And we repeat the following:we pick a permutation matrix P, we make a partial Gaussianelimination as you can see on the right of the slide,obtaining U, H', H'', s', s''. We solve the small CSD problem with H', s' and p - we solve this onewith Birthday Decoding - and  for every solution of theproblem we will construct the second part of the error e''. And if we are lucky,this second part of the error pattern e''has asufficiently small weight, and then, provides thesolution to our problem.  So, what I presentedis the Dumer algorithm. In fact, this algorithmwas published in 1991. But Sternalgorithm, which is slightly more expensive, waspresented two years before.

Intervention
Thème
Disciplines :
Documentation
Support de présentation au format PDF

Dans la même collection

Voir tout

Avec les mêmes intervenants et intervenantes

Sur le même thème