Karan Khathuria

Primary category: CR. 6 papers, 32 citations. Novelty 36%, AI Score 19.

6 Papers

CR | Nov 16, 2020
Cryptanalysis of a code-based full-time signature

Nicolas Aragon, Marco Baldi, Jean-Christophe Deneuville et al.

We present an attack against a code-based signature scheme based on the Lyubashevsky protocol that was recently proposed by Song, Huang, Mu, Wu and Wang (SHMWW). The private key in the SHMWW scheme contains columns coming in part from an identity matrix and in part from a random matrix. The existence of two types of columns leads to a strong bias in the distribution of set bits in produced signatures. Our attack exploits this bias to recover the private key from a set of collected signatures. We provide a theoretical analysis of the attack along with experimental evaluations, and we show that collecting as few as 10 signatures is enough to successfully recover the private key. As with previous attempts to adapt Lyubashevsky's protocol to code-based cryptography, the SHMWW scheme is thus shown to be unable to provide acceptable security. This confirms that devising secure code-based signature schemes with efficiency comparable to that of other post-quantum solutions (e.g., those based on lattices) is still a challenging task.

IT | Aug 27, 2020
Galois ring isomorphism problem

Karan Khathuria

Recently, Doröz et al. (2017) proposed a new hard problem, called the finite field isomorphism problem, and constructed a fully homomorphic encryption scheme based on this problem. In this paper, we generalize the problem to the case of Galois rings, resulting in the Galois ring isomorphism problem. The generalization is achieved by lifting the isomorphism between the corresponding residue fields. As a result, this generalization allows us to construct cryptographic primitives over the ring of integers modulo a prime power, instead of a large prime number.

IT | Feb 27, 2020
On the Hardness of the Lee Syndrome Decoding Problem

Violetta Weger, Karan Khathuria, Anna-Lena Horlemann et al.

In this paper we study the hardness of the syndrome decoding problem over finite rings endowed with the Lee metric. We first prove that the decisional version of the problem is NP-complete, by a reduction from the $3$-dimensional matching problem. Then we study the complexity of solving the problem, by translating the best known solvers for the Hamming metric over finite fields to the Lee metric over finite rings, as well as proposing some novel solutions. For the analyzed algorithms, we assess the computational complexity in the asymptotic regime and compare it to that of the corresponding algorithms in the Hamming metric.

CR | Jun 3, 2019
Encryption Scheme Based on Expanded Reed-Solomon Codes

Karan Khathuria, Joachim Rosenthal, Violetta Weger

We present a code-based public-key cryptosystem in which we use Reed-Solomon codes over an extension field as secret codes and disguise them by considering their shortened expanded codes over the base field. Considering shortened expanded codes provides a safeguard against distinguisher attacks based on the Schur product. Moreover, without using a cyclic or quasi-cyclic structure, we obtain a key size reduction of nearly $45 \%$ compared to the classic McEliece cryptosystem proposed by Bernstein et al.

IT | Dec 28, 2018
Generalization of the Ball-Collision Algorithm

Carmelo Interlando, Karan Khathuria, Nicole Rohrer et al.

In this paper we generalize the Ball-Collision Algorithm of Bernstein, Lange and Peters from the binary field to a general finite field. We also provide a complexity analysis and compare the asymptotic complexity to that of other generalized information set decoding algorithms.

CR | Oct 6, 2018
On the algebraic structure of $E_p^{(m)}$ and applications to cryptography

Karan Khathuria, Giacomo Micheli, Violetta Weger

In this paper we show that the $\mathbb Z/p^{m}\mathbb Z$-module structure of the ring $E_p^{(m)}$ is isomorphic to a $\mathbb Z/p^{m}\mathbb Z$-submodule of the matrix ring over $\mathbb Z/p^{m}\mathbb Z$. Using this intrinsic structure of $E_p^{(m)}$, solving a linear system over $E_p^{(m)}$ becomes computationally equivalent to solving a linear system over $\mathbb Z/p^{m}\mathbb Z$. As an application, we break the protocols based on the Diffie-Hellman Decomposition problem and the ElGamal Decomposition problem over $E_p^{(m)}$. Our algorithm terminates in a provable running time of $O(m^{6})$ $\mathbb Z/p^{m}\mathbb Z$-operations.