Efficient information-theoretic distributed point functions with general output groups
Junru Li, Pengzhen Ke, Liang Feng Zhang
Designs, Codes and Cryptography. Pub Date: 2025-01-16. DOI: 10.1007/s10623-024-01562-z
Abstract: An n-server information-theoretic Distributed Point Function (DPF) allows a client to secret-share a point function $f_{\alpha,\beta}(x)$ with domain $[N]$ and output group $\mathbb{G}$ among n servers such that each server learns no information about the function from its share (called a key) but can compute an additive share of $f_{\alpha,\beta}(x)$ for any x. DPFs with small key sizes and general output groups are preferred. In this paper, we propose a new transformation from share conversions to information-theoretic DPFs. By applying it to the share conversions from Efremenko's PIR and Dvir–Gopi PIR, we obtain both an 8-server DPF with key size $O(2^{10\sqrt{\log N \log\log N}} + \log p)$ and output group $\mathbb{Z}_p$ and a 4-server DPF with key size $O(\tau \cdot 2^{6\sqrt{\log N \log\log N}})$ and output group $\mathbb{Z}_{2^\tau}$. The former allows us to partially answer an open question by Boyle, Gilboa, Ishai, and Kolobov (ITC 2022) and the latter allows us to build the first DPFs that may take any finite Abelian group as output group. We also discuss how to further reduce the key sizes by using different PIRs, how to reduce the number of servers by resorting to statistical security or using nice integers, and how to obtain DPFs with t-security. We show the applications of the new DPFs by constructing new efficient PIR protocols with result verification.

Rate-improved multi-permutation codes for correcting a single burst of stable deletions
Xiang Wang, Fang-Wei Fu
Designs, Codes and Cryptography. Pub Date: 2025-01-16. DOI: 10.1007/s10623-025-01564-5
Abstract: Permutation and multi-permutation codes have been widely studied due to their potential applications in communications and storage systems, especially in flash memory. In this paper, we consider balanced multi-permutation codes correcting a single burst of stable deletions of length t and of length at most t, respectively. Based on the properties of burst stable deletions and stabilizer permutation subgroups, we propose two constructions of multi-permutation codes correcting a single burst of stable deletions of length up to some parameter. The multi-permutation codes can achieve larger rates than available codes while maintaining simple interleaving structures. Moreover, the decoding methods are given in the proofs and verified by examples.

Additive twisted codes: new distance bounds and infinite families of quantum codes
Reza Dastbasteh, Petr Lisoněk
Designs, Codes and Cryptography. Pub Date: 2025-01-16. DOI: 10.1007/s10623-024-01552-1
Abstract: We provide a new construction of quantum codes that enables integration of a broader class of classical codes into the mathematical framework of quantum stabilizer codes. Next, we present new connections between twisted codes and linear cyclic codes and provide novel bounds for the minimum distance of twisted codes. We show that classical tools such as the Hartmann–Tzeng minimum distance bound are applicable to twisted codes. This enabled us to discover five new infinite families and many other examples of record-breaking, and sometimes optimal, binary quantum codes. We also discuss the role of the $\gamma$ value on the parameters of twisted codes and present new results regarding the construction of twisted codes with different $\gamma$ values but identical parameters. Finally, we list many new record-breaking binary quantum codes that we obtained from additive twisted, linear cyclic, and constacyclic codes.

On LCD skew group codes
Mohammed El Badry, Abdelfattah Haily, Ayoub Mounir
Designs, Codes and Cryptography. Pub Date: 2025-01-13. DOI: 10.1007/s10623-024-01561-0
Abstract: In this paper we study skew group codes as left ideals in some skew group rings. We construct a large class of LCD codes and a class of LCD MDS codes. Particular attention is given to the construction of idempotent generators of these codes.

Designer of codes: a tribute to Jennifer Key
Vassili C. Mavron, Harold N. Ward
Designs, Codes and Cryptography. Pub Date: 2025-01-12. DOI: 10.1007/s10623-024-01517-4
Abstract: We offer this tribute to our friend and colleague, Jenny Key. After describing her education and career, we comment on her areas of research. The paper concludes with a complete list of her publications.

Somewhat homomorphic encryption based on random codes
Carlos Aguilar-Melchor, Victor Dyseryn, Philippe Gaborit
Designs, Codes and Cryptography. Pub Date: 2025-01-06. DOI: 10.1007/s10623-024-01555-y
Abstract: We present a secret-key encryption scheme based on random rank-metric ideal linear codes with a simple decryption circuit. It supports unlimited homomorphic additions and plaintext multiplications (i.e. the homomorphic multiplication of a clear plaintext with a ciphertext) as well as a fixed, arbitrary number of homomorphic multiplications. We study a candidate bootstrapping algorithm that requires no multiplications, only additions and plaintext multiplications. This latter operation is therefore very efficient in our scheme, whereas bootstrapping is usually the main factor penalizing the performance of other fully homomorphic encryption schemes. However, the security reduction of our scheme restricts the number of independent ciphertexts that can be published. In particular, this prevents securely evaluating the bootstrapping algorithm, as the number of ciphertexts in the key-switching material is too large. Our scheme is nonetheless the first somewhat homomorphic encryption scheme based on random ideal codes and a first step towards full homomorphism. Random ideal codes give stronger security guarantees than existing constructions based on highly structured codes. We give concrete parameters for our scheme that show that it achieves competitive sizes and performance, with a key size of 3.7 kB and a ciphertext size of 0.9 kB when a single multiplication is allowed.

Ternary isodual codes and 3-designs
Minjia Shi, Ruowen Liu, Dean Crnković, Patrick Solé, Andrea Švob
Designs, Codes and Cryptography. Pub Date: 2025-01-06. DOI: 10.1007/s10623-024-01558-9
Abstract: Ternary isodual codes and their duals are shown to support 3-designs under mild symmetry conditions. These designs are held invariant by a double cover of the permutation part of the automorphism group of the code. Examples of interest include extended quadratic residue (QR) codes of lengths 14 and 38, whose automorphism groups are PSL(2, 13) and PSL(2, 37), respectively. We also consider Generalized Quadratic Residue (GQR) codes in the sense of van Lint and MacWilliams (IEEE Trans Inf Theory 24(6): 730–737, 1978). These codes are the abelian generalizations of the Quadratic Residue (QR) codes, which are cyclic. We construct them as the row span of a Jacobsthal matrix. In lengths 50 and 26 we obtain 3-designs invariant under a double cover of $P\Sigma L(2,49)$ and $P\Sigma L(2,25)$, respectively. In addition, from block orbits of these 3-designs we construct a number of other 3-designs and 2-designs. Finally, we apply the same construction to the binary extended GQR code of length 82.

RYDE: a digital signature scheme based on rank syndrome decoding problem with MPC-in-the-Head paradigm
Loïc Bidoux, Jesús-Javier Chi-Domínguez, Thibauld Feneuil, Philippe Gaborit, Antoine Joux, Matthieu Rivain, Adrien Vinçotte
Designs, Codes and Cryptography. Pub Date: 2025-01-04. DOI: 10.1007/s10623-024-01544-1
Abstract: We present a signature scheme based on the syndrome decoding (SD) problem in the rank metric. It is a construction from Multi-Party Computation (MPC), using an MPC protocol that is a slight improvement of the linearized polynomial protocol used in Feneuil (Cryptology ePrint Archive, Report 2022/1512, 2022), allowing us to obtain a zero-knowledge proof thanks to the MPCitH (MPC-in-the-Head) paradigm. We design two different zero-knowledge proofs exploiting this paradigm: the first, which achieves the lower communication cost, relies on additive secret sharing and uses the hypercube technique (Aguilar-Melchor et al., in: Cryptology ePrint Archive, Report 2022/1645, 2022); the second relies on low-threshold linear secret sharing as proposed in Feneuil (Cryptology ePrint Archive, Report 2022/1512, 2022). These proofs of knowledge are transformed into signature schemes thanks to the Fiat–Shamir transform (Fiat and Shamir, in: International Cryptology Conference (CRYPTO), 1986), and the resulting schemes have signatures of size less than 6 kB. This performance prompted us to propose this signature scheme to the post-quantum cryptography standardization process organized by NIST.

Fully selective opening secure IBE from LWE
Dingding Jia, Haiyang Xue, Bao Li
Designs, Codes and Cryptography. Pub Date: 2025-01-03. DOI: 10.1007/s10623-024-01560-1
Abstract: Selective opening security ensures that, when an adversary is given multiple ciphertexts and corrupts a subset of the senders (thereby obtaining the plaintexts and the senders' randomness), the privacy of the remaining ciphertexts is still preserved. Previous selective opening secure IBE schemes encrypt messages bit-by-bit, or only achieve selective-id security. In this paper, we present the first adaptive-id, selective opening secure identity-based encryption (IBE) tightly from LWE. To achieve this, we introduce a new primitive called delegatable all-but-many lossy trapdoor functions (DABM-LTDF) and provide a generic construction that converts DABM-LTDF into an adaptive-id, selective opening secure IBE through a tight security reduction. Finally, we construct a concrete DABM-LTDF from the LWE assumption, resulting in the first adaptive-id, selective opening secure IBE from LWE.

Quantum sieving for code-based cryptanalysis and its limitations for ISD
Lynn Engelberts, Simona Etinski, Johanna Loyer
Designs, Codes and Cryptography. Pub Date: 2025-01-02. DOI: 10.1007/s10623-024-01545-0
Abstract: Sieving using near-neighbor search techniques is a well-known method in lattice-based cryptanalysis, yielding the current best runtime for the shortest vector problem in both the classical and quantum settings. Recently, sieving has also become an important tool in code-based cryptanalysis. Specifically, a variant of the information-set decoding (ISD) framework, commonly used for attacking cryptographically relevant instances of the decoding problem, has been introduced that involves a sieving subroutine. The resulting sieving-based ISD framework yields complexities close to those of the best-performing classical algorithms for the decoding problem. It is therefore natural to ask how well quantum versions perform. In this work, we introduce the first quantum algorithms for code sieving by designing quantum variants of the aforementioned sieving subroutine. In particular, using quantum-walk techniques, we provide a speed-up over classical code sieving and over a variant using Grover's algorithm. Our quantum-walk algorithm exploits the structure of the underlying search problem by adding a layer of locality-sensitive filtering, inspired by a quantum-walk algorithm for lattice sieving. We complement our asymptotic analysis of the quantum algorithms with numerical results, and observe that our quantum speed-ups for code sieving behave similarly to those observed in lattice sieving. In addition, we show that a natural quantum analog of the sieving-based ISD framework does not provide any speed-up over the first quantum ISD algorithm. Our analysis highlights that the framework should be adapted in order to outperform state-of-the-art quantum ISD algorithms.