An algebraic approach to the Rank Support Learning problem
This work addresses a security vulnerability in cryptographic schemes like Durandal, with incremental improvements over prior attacks.
The paper tackles the Rank Support Learning problem, a key component in rank-metric code-based cryptography used in schemes like Durandal, by proposing an algebraic attack that outperforms previous methods, showing that key recovery attacks on Durandal are more efficient than previously believed.
Rank-metric code-based cryptography relies on the hardness of decoding a random linear code in the rank metric. The Rank Support Learning problem (RSL) is a variant where an attacker has access to N decoding instances whose errors have the same support and wants to solve one of them. This problem is for instance used in the Durandal signature scheme. In this paper, we propose an algebraic attack on RSL which clearly outperforms the previous attacks to solve this problem. We build upon Bardet et al., Asiacrypt 2020, where similar techniques are used to solve MinRank and RD. However, our analysis is simpler and overall our attack relies on very elementary assumptions compared to standard Gr{ö}bner bases attacks. In particular, our results show that key recovery attacks on Durandal are more efficient than was previously thought.