Polar codes form a very powerful family of codes with a low complexity decoding algorithm that attains many information theoretic limits in error correction and source coding. These codes are closely related to Reed-Muller codes because both can be described with the same algebraic formalism, namely they are generated by evaluations of monomials. However, finding the right set of generating monomials for a polar code which optimises the decoding performance is a nontrivial task and is channel dependent. The purpose of this paper is to reveal some universal properties of these monomials. We will namely prove that there is a way to define a nontrivial (partial) order on monomials so that the monomials generating a polar code devised for a binary-input symmetric channel always form a decreasing set. We call such codes decreasing monomial codes. The fact that polar codes are decreasing monomial codes turns out to have rather deep consequences on their structure. Indeed, we show that decreasing monomial codes have a very large permutation group by proving that it contains a group called the lower triangular affine group. Furthermore, the codewords of minimum weight correspond exactly to the orbits of the minimum weight codewords that are obtained from evaluations of monomials of the generating set. In particular, this gives an efficient way of counting the number of minimum weight codewords of a decreasing monomial code and hence of a polar code.
Index Terms: Polar codes, Reed-Muller codes, capacity-achieving codes, decreasing monomial codes, lower triangular affine group, post-quantum cryptography.
I. INTRODUCTION
Polar codes and Reed-Muller codes viewed as monomial codes. Polar codes were discovered by Arıkan [1] and form a very powerful family of codes that gave a nice constructive way of attaining many information theoretic limits in error correction and source coding. In particular, they make it possible to attain the capacity of any symmetric memoryless channel with a low complexity decoding algorithm (namely the successive cancellation decoder of Arıkan). These codes are closely related to Reed-Muller codes in the sense that they can both be described with the same algebraic formalism, namely as monomial codes. Monomial codes are evaluation codes where a specific set of monomials provides a generator matrix. A Reed-Muller code R(r, m) is generated by the evaluation over F_2^m of all monomials of degree at most r in m variables. A polar code of length 2^m is also generated by evaluation of monomials, but not necessarily by the same monomials as a Reed-Muller code: if we want a polar code of a certain dimension for a certain channel, we are going to take a very specific set of monomials which is in general significantly different from the Reed-Muller choice. This choice will give good performance for the Arıkan successive cancellation decoder. It turns out that this decoder is very closely related to Dumer's recursive algorithm for decoding Reed-Muller codes [2] based on the (u|u + v) decomposition. Basically Dumer's de...
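The monomial-code formalism of the paragraph above, as an added Python illustration that is not code from the paper: evaluating monomials over F_2^m gives the rows of a generator matrix, R(r, m) is the special case of all monomials of degree at most r, and a brute-force count of minimum weight codewords is given for small parameters. The partial order in `leq` is an assumption made here (index-wise order on monomials of equal degree, extended through divisors, with x_i below x_j for i <= j); whether it matches the paper's own order and variable indexing is not stated on this page.

```python
from itertools import combinations, product

def evaluate(mono, m):
    """Evaluation vector over F_2^m of the monomial x_{i1}...x_{is}, given as a
    sorted tuple of variable indices; () is the constant monomial 1."""
    return [int(all(pt[i] for i in mono)) for pt in product((0, 1), repeat=m)]

def monomial_code(monos, m):
    """Generator matrix of the monomial code: one evaluation row per monomial."""
    return [evaluate(g, m) for g in monos]

def reed_muller_monomials(r, m):
    """R(r, m) is generated by all monomials of degree at most r in m variables."""
    return [c for d in range(r + 1) for c in combinations(range(m), d)]

def min_weight_count(gen):
    """Brute force: minimum weight and number of minimum weight codewords.
    Enumerates all 2^k nonzero codewords, so only for small k."""
    k, n = len(gen), len(gen[0])
    best, count = n, 0
    for coeffs in product((0, 1), repeat=k):
        if not any(coeffs):
            continue
        w = sum(sum(c * row[j] for c, row in zip(coeffs, gen)) % 2 for j in range(n))
        if w < best:
            best, count = w, 1
        elif w == best:
            count += 1
    return best, count

def leq(f, g):
    """Assumed partial order: f <= g iff some divisor h of g with deg h = deg f
    dominates f index by index (for single variables, x_i <= x_j iff i <= j)."""
    return len(f) <= len(g) and any(
        all(a <= b for a, b in zip(f, h)) for h in combinations(g, len(f)))

def is_decreasing(monos, m):
    """A set is decreasing if, for every g it contains, it contains all f <= g."""
    s = set(monos)
    every = [c for d in range(m + 1) for c in combinations(range(m), d)]
    return all(f in s for g in s for f in every if leq(f, g))

# Constructed examples in m = 4 variables (monomials as index tuples).
DECREASING = [(), (0,), (1,), (2,), (3,), (0, 1)]      # closed downwards
NOT_DECREASING = [(), (0,), (1,), (2,), (3,), (2, 3)]  # x0*x1 <= x2*x3 is missing

if __name__ == "__main__":
    print(min_weight_count(monomial_code(reed_muller_monomials(1, 3), 3)))  # (4, 14)
    print(is_decreasing(DECREASING, 4), is_decreasing(NOT_DECREASING, 4))  # True False
```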
Polar codes, discovered by Arıkan, form a very powerful family of codes attaining many information theoretic limits in the fields of error correction and source coding. They have in particular much better decoding capabilities than Goppa codes, which makes them a serious alternative in the design of both a public-key encryption scheme à la McEliece and a very efficient signature scheme. Shrestha and Kim proposed in 2014 to use them to build a new code-based public-key cryptosystem. We present a key-recovery attack that makes it possible to recover a description of the permuted polar code that provides all the information required to decrypt any message.
Code-based public-key cryptosystems are promising candidates for standardization as quantum-resistant public-key cryptographic algorithms. Their security is based on the hardness of the syndrome decoding problem. Computing the syndrome in a finite field, usually F_2, guarantees the security of the constructions. We show in this article that the problem becomes considerably easier to solve if the syndrome is computed in N, the natural numbers, instead. By means of laser fault injection, we illustrate how to compute the matrix-vector product in N by corrupting specific instructions, and validate it experimentally. To solve the syndrome decoding problem in N, we propose a reduction to an integer linear programming problem. We leverage the computational efficiency of linear programming solvers to obtain real-time message recovery attacks against the code-based proposal to the NIST Post-Quantum Cryptography standardization challenge. We perform our attacks in the worst-case scenario, i.e. considering random binary codes, and retrieve the initial message within minutes on a desktop computer. Our attack targets the reference implementation of the Niederreiter cryptosystem in the NIST PQC competition finalist Classic McEliece and is practically feasible for all proposed parameter sets of this submission. For example, for the 256-bit security parameter sets, we successfully recover the message in a couple of seconds on a desktop computer. Finally, we highlight the fact that the attack is still possible if only a fraction of the syndrome entries are faulty. This makes the attack feasible even though the fault injection does not have perfect repeatability, and reduces the computational complexity of the attack, making it even more practical overall.