Pierre Loidreau

Pierre Loidreau, Ba-Duc Pham

In this paper we show that in the case where the public-key can be distinguished from a random code in Loidreau's encryption scheme, then Coggia-Couvreur attack can be extended to recover an equivalent secret key. This attack can be conducted in polynomial-time if the masking vector space has dimension 3, thus recovering the results of Ghatak.

Julian Renner, Thomas Jerkovits, Hannes Bartz et al.

We address the problem of decoding Gabidulin codes beyond their unique error-correction radius. The complexity of this problem is of importance to assess the security of some rank-metric code-based cryptosystems. We propose an approach that introduces row or column erasures to decrease the rank of the error in order to use any proper polynomial-time Gabidulin code error-erasure decoding algorithm. This approach improves on generic rank-metric decoders by an exponential factor.

Julien Lavauzelle, Pierre Loidreau, Ba-Duc Pham

We present a rank metric code-based encryption scheme with key and ciphertext sizes comparable to that of isogeny-based cryptography for an equivalent security level. The system also benefits from efficient encryption and decryption algorithms, which rely on linear algebra operations over finite fields of moderate sizes. The security only relies on rank metric decoding problems, and does not require to hide the structure of a code. Based on the current knowledge, those problems cannot be efficiently solved by a quantum computer. Finally, the proposed scheme admits a failure probability that can be precisely controlled and made as low as possible.