Designs, Codes and Cryptography最新文献

{"title":"Quantum sieving for code-based cryptanalysis and its limitations for ISD","authors":"Lynn Engelberts, Simona Etinski, Johanna Loyer","doi":"10.1007/s10623-024-01545-0","DOIUrl":"https://doi.org/10.1007/s10623-024-01545-0","url":null,"abstract":"<p>Sieving using near-neighbor search techniques is a well-known method in lattice-based cryptanalysis, yielding the current best runtime for the shortest vector problem in both the classical and quantum setting. Recently, sieving has also become an important tool in code-based cryptanalysis. Specifically, a variant of the information-set decoding (ISD) framework, commonly used for attacking cryptographically relevant instances of the decoding problem, has been introduced that involves a sieving subroutine. The resulting sieving-based ISD framework yields complexities close to the best-performing classical algorithms for the decoding problem. It is therefore natural to ask how well quantum versions perform. In this work, we introduce the first quantum algorithms for code sieving by designing quantum variants of the aforementioned sieving subroutine. In particular, using quantum-walk techniques, we provide a speed-up over classical code sieving and over a variant using Grover’s algorithm. Our quantum-walk algorithm exploits the structure of the underlying search problem by adding a layer of locality sensitive filtering, inspired by a quantum-walk algorithm for lattice sieving. We complement our asymptotic analysis of the quantum algorithms with numerical results, and observe that our quantum speed-ups for code sieving behave similarly as those observed in lattice sieving. In addition, we show that a natural quantum analog of the sieving-based ISD framework does not provide any speed-up over the first quantum ISD algorithm. Our analysis highlights that the framework should be adapted in order to outperform state-of-the-art quantum ISD algorithms.</p>","PeriodicalId":11130,"journal":{"name":"Designs, Codes and Cryptography","volume":"20 1","pages":""},"PeriodicalIF":1.6,"publicationDate":"2025-01-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142916896","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"数学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Divisible design graphs from the symplectic graph","authors":"Bart De Bruyn, Sergey Goryainov, Willem H. Haemers, Leonid Shalaginov","doi":"10.1007/s10623-024-01557-w","DOIUrl":"https://doi.org/10.1007/s10623-024-01557-w","url":null,"abstract":"<p>A divisible design graph is a graph whose adjacency matrix is an incidence matrix of a (group) divisible design. Divisible design graphs were introduced in 2011 as a generalization of <span>((v,k,lambda ))</span>-graphs. Here we describe four new infinite families that can be obtained from the symplectic strongly regular graph <i>Sp</i>(2<i>e</i>, <i>q</i>) (<i>q</i> odd, <span>(ege 2)</span>) by modifying the set of edges. To achieve this we need two kinds of spreads in <span>(PG(2e-1,q))</span> with respect to the associated symplectic form: the symplectic spread consisting of totally isotropic subspaces and, when <span>(e=2)</span>, a special spread that consists of lines which are not totally isotropic and which is closed under the action of the associated symplectic polarity. Existence of symplectic spreads is known, but the construction of a special spread for every odd prime power <i>q</i> is a main result of this paper. We also show an equivalence between special spreads of <i>Sp</i>(4, <i>q</i>) and certain nice point sets in the projective space <span>(operatorname {PG}(4,q))</span>. We have included relevant background from finite geometry, and when <span>(q=3,5)</span> and 7 we worked out all possible special spreads.</p>","PeriodicalId":11130,"journal":{"name":"Designs, Codes and Cryptography","volume":"25 1","pages":""},"PeriodicalIF":1.6,"publicationDate":"2024-12-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142887802","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"数学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"The set of pure gaps at several rational places in function fields","authors":"Alonso S. Castellanos, Erik A. R. Mendoza, Guilherme Tizziotti","doi":"10.1007/s10623-024-01556-x","DOIUrl":"https://doi.org/10.1007/s10623-024-01556-x","url":null,"abstract":"<p>In this work, we explore the use of maximal elements in generalized Weierstrass semigroups and their relationship with pure gaps, extending the results in Castellanos et al. [J Pure Appl Algebra 228(4):107513, 2024]. We provide a method to completely determine the set of pure gaps at several rational places in a function field <i>F</i> over a finite field, where the periods of certain places are the same, and determine its cardinality. As an example, we calculate the cardinality and provide a simple, explicit description of the set of pure gaps at several rational places distinct from the infinity place on Kummer extensions, offering a different characterization from that presented by Hu and Yang [Des Codes Cryptogr 86(1):211–230, 2018]. Furthermore, we present some applications in coding theory and AG codes with good parameters.\u0000</p>","PeriodicalId":11130,"journal":{"name":"Designs, Codes and Cryptography","volume":"23 1","pages":""},"PeriodicalIF":1.6,"publicationDate":"2024-12-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142887803","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"数学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"The weight hierarchies of three classes of linear codes","authors":"Wei Lu, Qingyao Wang, Xiaoqiang Wang, Dabin Zheng","doi":"10.1007/s10623-024-01553-0","DOIUrl":"https://doi.org/10.1007/s10623-024-01553-0","url":null,"abstract":"<p>Studying the generalized Hamming weights of linear codes is a significant research area within coding theory, as it provides valuable structural information about the codes and plays a crucial role in determining their performance in various applications. However, determining the generalized Hamming weights of linear codes, particularly their weight hierarchy, is generally a challenging task. In this paper, we focus on investigating the generalized Hamming weights of three classes of linear codes over finite fields. These codes are constructed by different defining sets. By analysing the intersections between the definition sets and the duals of all <i>r</i>-dimensional subspaces, we get the inequalities on the sizes of these intersections. Then constructing subspaces that reach the upper bounds of these inequalities, we successfully determine the complete weight hierarchies of these codes.</p>","PeriodicalId":11130,"journal":{"name":"Designs, Codes and Cryptography","volume":"87 1","pages":""},"PeriodicalIF":1.6,"publicationDate":"2024-12-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142887805","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"数学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Fault attacks on multi-prime RSA signatures","authors":"Chunzhi Zhao, Jinzheng Cao, Junqi Zhang, Qingfeng Cheng","doi":"10.1007/s10623-024-01554-z","DOIUrl":"https://doi.org/10.1007/s10623-024-01554-z","url":null,"abstract":"<p>At CHES 2009, Coron et al. proposed a fault attack on standard RSA signatures based on Coppersmith’s method. This work greatly enhances the practicality of fault attacks on RSA signatures. In practice, multi-prime RSA signatures are widely used due to their faster generation speed. In this paper, we propose fault attacks on multi-prime RSA signatures under the PKCS#1 v2.x protocols. We conduct the fault attacks based on Coppersmith’s method in various scenarios. To be specific, we first consider the case where there is only one fault signature, and then we consider the cases where there are multiple fault signatures with co-prime moduli, common moduli, and arbitrary moduli. For each case, we give the upper bound of the unknowns that can be solved in polynomial time, which improves the practicability of the attacks. Our research is grounded in the EMSA-PKCS1-v1_5 encoding method and has been verified by experiments.</p>","PeriodicalId":11130,"journal":{"name":"Designs, Codes and Cryptography","volume":"33 1","pages":""},"PeriodicalIF":1.6,"publicationDate":"2024-12-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142887807","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"数学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Several families of negacyclic BCH codes and their duals","authors":"Zhonghua Sun, Xinyue Liu","doi":"10.1007/s10623-024-01551-2","DOIUrl":"https://doi.org/10.1007/s10623-024-01551-2","url":null,"abstract":"<p>Negacyclic BCH codes are a special subclasses of negacyclic codes, and have the best parameters known in many cases. A family of good negacyclic BCH codes are the <i>q</i>-ary narrow-sense negacyclic BCH codes of length <span>(n=(q^m-1)/2)</span>, where <i>q</i> is an odd prime power. Little is known about the true minimum distance of this family of negacyclic BCH codes and the dimension of this family of negacyclic BCH codes with large designed distance. The main objective of this paper is to study three subfamilies of this family of negacyclic BCH codes. The dimension and true minimum distance of a subfamily of the <i>q</i>-ary narrow-sense negacyclic BCH codes of length <i>n</i> are determined. The dimension and good lower bounds on the minimum distance of two subfamilies of the <i>q</i>-ary narrow-sense negacyclic BCH codes of length <i>n</i> are presented. The minimum distances of the duals of the <i>q</i>-ary narrow-sense negacyclic BCH codes of length <i>n</i> are also investigated. As will be seen, the three subfamilies of negacyclic BCH codes are sometimes distance-optimal and sometimes have the same parameters as the best linear codes known.</p>","PeriodicalId":11130,"journal":{"name":"Designs, Codes and Cryptography","volume":"25 1","pages":""},"PeriodicalIF":1.6,"publicationDate":"2024-12-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142887804","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"数学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"On the vector subspaces of $$mathbb {F}_{2^n}$$ over which the multiplicative inverse function sums to zero","authors":"Claude Carlet","doi":"10.1007/s10623-024-01531-6","DOIUrl":"https://doi.org/10.1007/s10623-024-01531-6","url":null,"abstract":"<p>We study the behavior of the multiplicative inverse function (which plays an important role in cryptography and in the study of finite fields), with respect to a recently introduced generalization of almost perfect nonlinearity (APNness), called <i>k</i>th-order sum-freedom, that extends a classic characterization of APN functions, and has also some relationship with integral attacks. This generalization corresponds to the fact that a vectorial function <span>(F:mathbb {F}_2^nmapsto mathbb {F}_2^m)</span> sums to a nonzero value over every <i>k</i>-dimensional affine subspace of <span>(mathbb {F}_2^n)</span>, for some <span>(kle n)</span> (APNness corresponds to <span>(k=2)</span>). The sum of the values of the inverse function <span>(xin mathbb {F}_{2^n}mapsto x^{2^n-2}in mathbb {F}_{2^n})</span> over any affine subspace <i>A</i> of <span>(mathbb {F}_{2^n})</span> not containing 0 (i.e. being not a vector space) has been addressed, thanks to a simple expression of such sum, which shows that it never vanishes. We study in the present paper the case of vector (i.e. linear) subspaces, which is much less simple to handle. The sum depends on a coefficient in subspace polynomials. We study for which values of <i>k</i> the multiplicative inverse function can sum to nonzero values over all <i>k</i>-dimensional vector subspaces. We show that, for every <i>k</i> not co-prime with <i>n</i>, it sums to zero over at least one <i>k</i>-dimensional <span>(mathbb {F}_2)</span>-subspace of <span>(mathbb {F}_{2^n})</span>. We study the behavior of the inverse function over direct sums of vector spaces and we deduce that the property of the inverse function to be <i>k</i>th-order sum-free happens for <i>k</i> if and only if it happens for <span>(n-k)</span>. We derive several other results and we show that the set of values <i>k</i> such that the inverse function is not <i>k</i>th-order sum-free is stable when adding two values of <i>k</i> whose product is smaller than <i>n</i> (and when subtracting two values under some conditions). We clarify the case of dimension at most 4 (equivalently, of co-dimension at most 4) and this allows to address, for every <i>n</i>, all small enough values of <i>k</i> of the form <span>(3a+4b)</span>.</p>","PeriodicalId":11130,"journal":{"name":"Designs, Codes and Cryptography","volume":"31 1","pages":""},"PeriodicalIF":1.6,"publicationDate":"2024-12-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142887806","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"数学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Codes from $$A_m$$ -invariant polynomials","authors":"Giacomo Micheli, Vincenzo Pallozzi Lavorante, Phillip Waitkevich","doi":"10.1007/s10623-024-01550-3","DOIUrl":"https://doi.org/10.1007/s10623-024-01550-3","url":null,"abstract":"<p>Let <i>q</i> be a prime power. This paper provides a new class of linear codes that arises from the action of the alternating group on <span>({mathbb {F}}_q[x_1,dots ,x_m])</span> combined with the ideas in Datta and Johnsen (Des Codes Cryptogr 91(3):747–761, 2023). Compared with Generalized Reed–Muller codes with analogous parameters, our codes have the same asymptotic relative distance but a better rate. Our results follow from combinations of Galois theoretical methods with Weil-type bounds for hypersurfaces.</p>","PeriodicalId":11130,"journal":{"name":"Designs, Codes and Cryptography","volume":"153 1","pages":""},"PeriodicalIF":1.6,"publicationDate":"2024-12-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142887319","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"数学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"The support designs of several families of lifted linear codes","authors":"Cunsheng Ding, Zhonghua Sun, Qianqian Yan","doi":"10.1007/s10623-024-01549-w","DOIUrl":"https://doi.org/10.1007/s10623-024-01549-w","url":null,"abstract":"<p>A generator matrix of a linear code <span>({mathcal {C}})</span> over <span>({textrm{GF}}(q))</span> is also a matrix of the same rank <i>k</i> over any extension field <span>({textrm{GF}}(q^ell ))</span> and generates a linear code of the same length, same dimension and same minimum distance over <span>({textrm{GF}}(q^ell ))</span>, denoted by <span>({mathcal {C}}(q|q^ell ))</span> and called a lifted code of <span>({mathcal {C}})</span>. Although <span>({mathcal {C}})</span> and their lifted codes <span>({mathcal {C}}(q|q^ell ))</span> have the same parameters, they have different weight distributions and different applications. Few results about lifted linear codes are known in the literature. This paper proves some fundamental theory for lifted linear codes, and studies the 2-designs of the lifted projective Reed–Muller codes, lifted Hamming codes and lifted Simplex codes. In addition, this paper settles the weight distributions of the lifted Reed–Muller codes of certain orders, and investigates the 3-designs supported by these lifted codes. As a by-product, an infinite family of three-weight projective codes over <span>({textrm{GF}}(4))</span> is obtained.</p>","PeriodicalId":11130,"journal":{"name":"Designs, Codes and Cryptography","volume":"25 1","pages":""},"PeriodicalIF":1.6,"publicationDate":"2024-12-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142884413","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"数学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Low-weight codewords in cyclic codes","authors":"J. G. Coelho, F. E. Brochero Martínez","doi":"10.1007/s10623-024-01547-y","DOIUrl":"https://doi.org/10.1007/s10623-024-01547-y","url":null,"abstract":"<p>We introduce a formula for determining the number of codewords of weight 2 in cyclic codes and provide results related to the count of codewords with weight 3. Additionally, we establish a recursive relationship for binary cyclic codes that connects their weight distribution to the number of solutions of associated systems of polynomial equations. This relationship allows for the computation of weight distributions from known solutions of systems of diagonal equations and vice versa, offering a new insight into the structure and properties of binary cyclic codes.\u0000</p>","PeriodicalId":11130,"journal":{"name":"Designs, Codes and Cryptography","volume":"123 1","pages":""},"PeriodicalIF":1.6,"publicationDate":"2024-12-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142884410","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"数学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}