On the matrix code of quadratic relationships for a Goppa code

• URL: http://arxiv.org/abs/2310.20497v2
• Date: Fri, 19 Jul 2024 10:52:12 GMT
• Title: On the matrix code of quadratic relationships for a Goppa code
• Authors: Rocco Mora,
• Abstract summary: We build upon the algebraical modeling introduced in citeCMT23 to derive a structural attack on Goppa codes. Our method can break in just a few seconds some recent challenges about key-recovery attacks on the McEliece cryptosystem.
• Score: 0.0
• License: http://creativecommons.org/licenses/by/4.0/
• Abstract: In this article, we continue the analysis started in \cite{CMT23} for the matrix code of quadratic relationships associated with a Goppa code. We provide new sparse and low-rank elements in the matrix code and categorize them according to their shape. Thanks to this description, we prove that the set of rank 2 matrices in the matrix codes associated with square-free binary Goppa codes, i.e. those used in Classic McEiece, is much larger than what is expected, at least in the case where the Goppa polynomial degree is 2. We build upon the algebraic determinantal modeling introduced in \cite{CMT23} to derive a structural attack on these instances. Our method can break in just a few seconds some recent challenges about key-recovery attacks on the McEliece cryptosystem, consistently reducing their estimated security level. We also provide a general method, valid for any Goppa polynomial degree, to transform a generic pair of support and multiplier into a pair of support and Goppa polynomial.

Related papers

• The Geometry of LLM Quantization: GPTQ as Babai's Nearest Plane Algorithm [52.89358421626026]
  GPTQ emerged as one of the standard methods for one-shot post-training quantization at LLM scale.<n>We show that GPTQ is mathematically identical to Babai's nearest plane algorithm for the classical closest vector problem.
  arXiv  Detail & Related papers  (2025-07-24T16:22:18Z)
• The Tangent Space Attack [0.0]
  We propose a new method for retrieving the structure of a generic alternant code given an arbitrary generator matrix.<n>We then discuss how this challenges the security of the McEliece cryptosystem instantiated with this family of codes.
  arXiv  Detail & Related papers  (2025-05-15T11:30:46Z)
• Post-Quantum Cryptography: An Analysis of Code-Based and Lattice-Based Cryptosystems [55.49917140500002]
  Quantum computers will be able to break modern cryptographic systems using Shor's Algorithm.<n>We first examine the McEliece cryptosystem, a code-based scheme believed to be secure against quantum attacks.<n>We then explore NTRU, a lattice-based system grounded in the difficulty of solving the Shortest Vector Problem.
  arXiv  Detail & Related papers  (2025-05-06T03:42:38Z)
• Coxeter codes: Extending the Reed-Muller family [59.90381090395222]
  We introduce a class of binary linear codes that generalizes the RM family by replacing the domain $mathbbZm$ with an arbitrary finite Coxeter group.<n> Coxeter codes also give rise to a family of quantum codes for which closed diagonal $Z$ rotations can perform non-trivial logic.
  arXiv  Detail & Related papers  (2025-02-20T17:16:28Z)
• High-Rank Irreducible Cartesian Tensor Decomposition and Bases of Equivariant Spaces [47.83974626445763]
  We construct path matrices for decomposition of Cartesian tensors up to rank $n=9$ with reduced and affordable complexity. We prove and leverage that the concatenation of path matrices is an orthonormal change-of-basis matrix between the tensor product space and the spherical direct sum spaces. We extend our result to the arbitrary tensor product and direct sum spaces, enabling free design between different spaces while keeping symmetry.
  arXiv  Detail & Related papers  (2024-12-24T08:25:38Z)
• A new multivariate primitive from CCZ equivalence [1.8024397171920885]
  Two secret affine invertible $mathcal S,mathcal T$ are applied to a set of $mathcalF$. The equivalences $mathcal G$ and $mathcal F$ are said to be affine equivalent.
  arXiv  Detail & Related papers  (2024-05-31T16:15:02Z)
• Extracting topological orders of generalized Pauli stabilizer codes in two dimensions [5.593891873998947]
  We introduce an algorithm for extracting topological data from translation invariant generalized Pauli stabilizer codes in two-dimensional systems. The algorithm applies to $mathbbZ_d$ qudits, including instances where $d$ is a nonprime number.
  arXiv  Detail & Related papers  (2023-12-18T13:18:19Z)
• Matrix Compression via Randomized Low Rank and Low Precision Factorization [47.902465710511485]
  Modern matrices can involve billions of elements, making their storage and processing quite demanding in terms of computational resources and memory usage. We propose an algorithm that exploits this structure to obtain a low rank decomposition of any matrix $mathbfA$ as $mathbfLmathbfR$. We empirically demonstrate the efficacy of our algorithm in image compression, nearest neighbor classification of image and text embeddings, and compressing the layers of LlaMa-$7$b.
  arXiv  Detail & Related papers  (2023-10-17T06:56:57Z)
• Solving Degree Bounds For Iterated Polynomial Systems [0.0]
  We prove regularity estimations for attacks on MiMC, Feistel-MiMC, Feistel-MiMC-Hash, Hades and GMiMC. Our bounds fall in line with the hypothesized complexity of Gr"obner basis attacks on these designs.
  arXiv  Detail & Related papers  (2023-10-05T16:10:14Z)
• Relaxations and Exact Solutions to Quantum Max Cut via the Algebraic Structure of Swap Operators [0.3177496877224142]
  The Quantum Max Cut (QMC) problem has emerged as a test-problem for designing approximation algorithms for local Hamiltonian problems. In this paper we attack this problem using the algebraic structure of QMC, in particular the relationship between the quantum max cut Hamiltonian and the representation theory of the symmetric group.
  arXiv  Detail & Related papers  (2023-07-28T16:45:16Z)
• Fast Differentiable Matrix Square Root and Inverse Square Root [65.67315418971688]
  We propose two more efficient variants to compute the differentiable matrix square root and the inverse square root. For the forward propagation, one method is to use Matrix Taylor Polynomial (MTP), and the other method is to use Matrix Pad'e Approximants (MPA) A series of numerical tests show that both methods yield considerable speed-up compared with the SVD or the NS iteration.
  arXiv  Detail & Related papers  (2022-01-29T10:00:35Z)
• Fast Differentiable Matrix Square Root [65.67315418971688]
  We propose two more efficient variants to compute the differentiable matrix square root. For the forward propagation, one method is to use Matrix Taylor Polynomial (MTP) The other method is to use Matrix Pad'e Approximants (MPA)
  arXiv  Detail & Related papers  (2022-01-21T12:18:06Z)
• Non-PSD Matrix Sketching with Applications to Regression and Optimization [56.730993511802865]
  We present dimensionality reduction methods for non-PSD and square-roots" matrices. We show how these techniques can be used for multiple downstream tasks.
  arXiv  Detail & Related papers  (2021-06-16T04:07:48Z)
• Quantum error-correcting codes from matrix-product codes related to quasi-orthogonal and quasi-unitary matrices [18.763290930749235]
  Matrix-product codes over finite fields are an important class of long linear codes. The construction of matrix-product codes with certain self-orthogonality over finite fields is an effective way to obtain good $q$-ary quantum codes of large length.
  arXiv  Detail & Related papers  (2020-12-31T16:17:37Z)
• Finite-Function-Encoding Quantum States [52.77024349608834]
  We introduce finite-function-encoding (FFE) states which encode arbitrary $d$-valued logic functions. We investigate some of their structural properties.
  arXiv  Detail & Related papers  (2020-12-01T13:53:23Z)
• Algorithms and SQ Lower Bounds for PAC Learning One-Hidden-Layer ReLU Networks [48.32532049640782]
  We study the problem of learning one-hidden-layer ReLU networks with $k$ hidden units on $mathbbRd$ under Gaussian marginals. For the case of positive coefficients, we give the first-time algorithm for this learning problem for $k$ up to $tildeOOmega(sqrtlog d)$.
  arXiv  Detail & Related papers  (2020-06-22T17:53:54Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.