Paper 2023/1875

The Blockwise Rank Syndrome Learning problem and its applications to cryptography

Nicolas Aragon, University of Limoges
Pierre Briaud, French Institute for Research in Computer Science and Automation
Victor Dyseryn, University of Limoges
Philippe Gaborit, University of Limoges
Adrien Vinçotte, University of Limoges
Abstract

This paper is an extended version of [8] published in PQCrypto 2024, in which we combine two approaches, blockwise errors and multi-syndromes, in a unique approach which leads to very efficient generalized RQC and LRPC schemes. The notion of blockwise error in a context of rank based cryptography has been recently introduced in [31]. This notion of error, very close to the notion of sum-rank metric [27], permits, by decreasing the weight of the decoded error, to greatly improve parameters for the LRPC and RQC cryptographic schemes. A little before, the multi-syndromes approach introduced for LRPC and RQC schemes in [3,18] also allowed to considerably decrease parameters sizes for LRPC and RQC schemes, through in particular the introduction of Augmented Gabidulin codes. In order to combine these approaches, we introduced in [8] the Blockwise Rank Support Learning problem. It consists of guessing the support of the errors when several syndromes are given in input, with blockwise structured errors. The new schemes we introduced have very interesting features since for 128 bits security they permit to obtain generalized schemes for which the sum of public key and ciphertext is only 1.4 kB for the generalized RQC scheme and 1.7 kB for the generalized LRPC scheme. In this extended version we give the following new features. First, we propose a new optimization on the main protocol which consists in considering 1 in the support of an error, allowing to deduce a subspace of the error to decode and improve the decoding capacity of our LRPC code, while maintaining an equal level of security. The approach of the original paper permits to reach a gain in terms of parameters size when compared to previous results [18,31], and this optimization allows to reduce the parameters by another for higher security level. We obtain better results in terms of size than the KYBER scheme whose total sum is 1.5 kB. Second we give a more detailed analysis of the algebraic attacks on the -RD problem we proposed in [8], which allowed to cryptanalyze all blockwise LRPC parameters proposed in [31] (with an improvement of more than 40 bits in the case of structural attacks). And at last, third, we propose a more detailed introduction to the historical background about rank metric, especially on the RQC and LRPC cryptosystems and their recent improvements and we add some parameters for the case of classical RQC (the case of only one given syndrome, that is a special case of our scheme, for which we could achieve 1.5 kB for the sum of the public key and the ciphertext), which compares very well to the previous version of classical RQC.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Preprint.
Keywords
post-quantum cryptographycode-based cryptographyrank metriccryptanalysispkc
Contact author(s)
nicolas aragon @ unilim fr
pierre briaud @ inria fr
victor dyseryn @ gmail com
gaborit @ unilim fr
adrien vincotte @ etu unilim fr
History
2025-03-02: last of 3 revisions
2023-12-06: received
See all versions
Short URL
https://ia.cr/2023/1875
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2023/1875,
      author = {Nicolas Aragon and Pierre Briaud and Victor Dyseryn and Philippe Gaborit and Adrien Vinçotte},
      title = {The Blockwise Rank Syndrome Learning problem and its applications to cryptography},
      howpublished = {Cryptology {ePrint} Archive, Paper 2023/1875},
      year = {2023},
      url = {https://eprint.iacr.org/2023/1875}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.