Martin Bossert

Peter Beelen, Martin Bossert, Sven Puchinger et al.

We present a generalisation of Twisted Reed-Solomon codes containing a new large class of MDS codes. We prove that the code class contains a large subfamily that is closed under duality. Furthermore, we study the Schur squares of the new codes and show that their dimension is often large. Using these structural properties, we single out a subfamily of the new codes which could be considered for code-based cryptography: These codes resist some existing structural attacks for Reed-Solomon-like codes, i.e. methods for retrieving the code parameters from an obfuscated generator matrix.

Sven Müelich, Sven Puchinger, Martin Bossert

Physical Unclonable Functions (PUFs) exploit variations in the manufacturing process to derive bit sequences from integrated circuits, which can be used as secure cryptographic keys. Instead of storing the keys in an insecure, non-volatile memory, they can be reproduced when needed. Since the reproduced sequences are not stable due to physical reasons, error correction must be applied. Recently, convolutional codes were shown to be suitable for key reproduction in PUFs based on SRAM. This work shows how to further decrease the reconstruction failure probability and PUF implementation size using codes with larger memory length and decoding concepts such as soft-information and list decoding.

Sven Müelich, Martin Bossert

Error correction is an indispensable component when Physical Unclonable Functions (PUFs) are used in cryptographic applications. So far, there exist schemes that obtain helper data, which they need within the error correction process. We introduce a new scheme, which only uses an error correcting code without any further helper data. The main idea is to construct for each PUF instance an individual code which contains the initial PUF response as codeword. In this work we use LDPC codes, however other code classes are also possible. Our scheme allows a trade-off between code rate and cryptographic security. In addition, decoding with linear complexity is possible.

Sven Müelich, Sven Puchinger, Martin Bossert

We present a new approach on low-rank matrix recovery (LRMR) based on Gabidulin Codes. Since most applications of LRMR deal with matrices over infinite fields, we use the recently introduced generalization of Gabidulin codes to fields of characterstic zero. We show that LRMR can be reduced to decoding of Gabidulin codes and discuss which field extensions can be used in the code construction.

Sven Puchinger, Sven Müelich, Karim Ishak et al.

The security of public-key cryptosystems is mostly based on number theoretic problems like factorization and the discrete logarithm. There exists an algorithm which solves these problems in polynomial time using a quantum computer. Hence, these cryptosystems will be broken as soon as quantum computers emerge. Code-based cryptography is an alternative which resists quantum computers since its security is based on an NP-complete problem, namely decoding of random linear codes. The McEliece cryptosystem is the most prominent scheme to realize code-based cryptography. Many codeclasses were proposed for the McEliece cryptosystem, but most of them are broken by now. Sendrier suggested to use ordinary concatenated codes, however, he also presented an attack on such codes. This work investigates generalized concatenated codes to be used in the McEliece cryptosystem. We examine the application of Sendrier's attack on generalized concatenated codes and present alternative methods for both partly finding the code structure and recovering the plaintext from a cryptogram. Further, we discuss modifications of the cryptosystem making it resistant against these attacks.