Learn More
We propose a family of fast and provably secure cryptographic hash functions. The security of these functions relies directly on the well-known syndrome decoding problem for linear codes. Attacks on this problem are well identified and their complexity is known. This enables us to study precisely the practical security of the hash functions and propose(More)
We consider only primitive binary cyclic codes of length n = 2 m ? 1. A BCH-code with designed distance is denoted B(n;). A BCH-code is always a narrow-sense BCH-code. A codeword is identiied with its locator polynomial, whose coeecients are the symmetric functions of the locators. The deenition of the code by its zeros-set involves some properties for the(More)
In this paper, we give a natural way of deciding whether a given cyclic code contains a word of given weight. The method is based on the manipulation of the locators and of the locator polynomial of a codeword x. Because of the dimensions of the problem, we need to use a symbolic computation software, like Maple or Scratchpad II. The method can be(More)
This paper presents an algorithmic improvement to Sudan's list-decoding algorithm for Reed-Solomon codes and its generalization to algebraic-geometric codes from Shokrollahi and Wasserman. Instead of completely factoring the interpolation polynomial over the function field of the curve, we compute sufficiently many coefficients of a Hensel development to(More)
—The key step of syndrome-based decoding of Reed– Solomon codes up to half the minimum distance is to solve the so-called Key Equation. List decoding algorithms, capable of decoding beyond half the minimum distance, are based on interpolation and factorization of multivariate polynomials. This article provides a link between syndrome-based decoding(More)
We study the list-decoding problem of alternant codes, with the notable case of classical Goppa codes. The major consideration here is to take into account the size of the alphabet, which shows great influence on the list-decoding radius. This amounts to compare the generic Johnson bound to the q-ary Johnson bound. This difference is important when q is(More)
In this paper, we present a modication of the Augot-Finiasz cryptosystem presented at EUROCRYPT 2003. Coron managed to design an attack against the original cryptosystem enabling an attacker to decrypt any intercepted ciphertext eciently. We introduce here a modication of the scheme which appears to resist to this attack. We furthermore propose parameters(More)
Recently, some collisions have been exposed for a variety of cryptographic hash functions [20, 21] including some of the most widely used today. Many other hash functions using similar constructions can however still be considered secure. Nevertheless, this has drawn attention on the need for new hash function designs. In this article is presented a family(More)
Nous montrons que la classe des polyn^ omes de F 2 mZ], qui sont les polyn^ omes localisateurs des mots de plus petit poids du code BCH primitif binaire de longueur 2 m ?1 et distance minimale 2 m?2 ?1, est en bijection avec l'ensemble des F 2-sous-espaces de dimension m ? 2 de F 2 m. Abstract We prove that the class of polynomials of F 2 mZ], which are the(More)
A Group Key Agreement (GKA) protocol is a mechanism to establish a cryptographic key for a group of participants , based on each one's contribution, over a public network. The key, thus derived, can be used to establish a secure channel between the participants. When the group composition changes (or otherwise), one can employ supplementary GKA protocols to(More)