Jean Belo Klamti - Academia.edu
Papers by Jean Belo Klamti
Lecture Notes in Computer Science, 2023
Code-Based Cryptography, 2022
A key encapsulation mechanism (KEM) that takes as input an arbitrary string, i.e., a tag, is known as tag-KEM, while a scheme that combines signature and encryption is called signcryption. In this paper, we present a code-based signcryption tag-KEM scheme. We utilize a code-based signature and a CCA2 (adaptive chosen ciphertext attack) secure version of McEliece's encryption scheme. The proposed scheme uses an equivalent subcode as a public code for the receiver, making the NP-completeness of the equivalent subcode problem be one of our main security assumptions. We then base the signcryption tag-KEM to design a code-based hybrid signcryption scheme. A hybrid scheme deploys an asymmetric- as well as a symmetric-key encryption. We give security analyses of both our schemes in the standard model and prove that they are secure against IND-CCA2 (indistinguishability under adaptive chosen ciphertext attack) and SUF-CMA (strong existential unforgeability under chosen message attack).
Algebra, Codes and Cryptology, 2019
In this paper we introduce a code-based cryptosystem using quasi-cyclic generalized subspace subcodes of Generalized Reed-Solomon codes in order to reduce the public key size. In our scheme the underlying Generalized Reed-Solomon code is not secret, so the classical attacks such as square code or folding attacks have no more purpose against it. In addition one part of the security of this scheme is based on hard problems in coding theory like Equivalence Subcodes (ES) Problem. We propose some parameters to reach at least a security level of 128 and 192 bits. We make a public key size comparison with some well established code-based public key encryption schemes. We also see that for the 128 bits security level the key size of our proposals are often better than the code-based schemes in competition for NIST’s second round.
Zero-knowledge identification schemes allow a prover to convince a verifier that a certain fact is true, while not revealing any additional information.
The team listed above is the principal submitter; there are no auxiliary submitters. Owner, inventors and developers of this submission are the same as the principal submitter. Relevant prior work is credited where appropriate.
An adaptor signature can be viewed as a signature concealed with a secret value and, by design, any two of the trio yield the other. In a multiparty setting, an initial adaptor signature allows each party to create additional adaptor signatures without the original secret. Adaptor signatures help address scalability and interoperability issues in blockchain. They can also bring some important advantages to cryptocurrencies, such as low on-chain cost, improved transaction fungibility, and fewer limitations of a blockchain’s scripting language. In this paper, we propose a new two-party adaptor signature scheme that relies on quantum-safe hard problems in coding theory. The proposed scheme uses a hash-and-sign code-based signature scheme introduced by Debris-Alazard et al. and a code-based hard relation defined from the well-known syndrome decoding problem. To achieve all the basic properties of adaptor signatures formalized by Aumayr et al., we introduce further modifications to the aforeme...
The security of McEliece’s cryptosystem relies heavily on the hardness of decoding a random linear code. The best known generic decoding algorithms are derived from the Information-Set Decoding (ISD) algorithm. This was first proposed in 1962 by Prange and subsequently improved in 1989 by Stern and later in 1991 by Dumer. In 2001 Al Jabri introduced a new decoding algorithm for general linear block codes which does not belong to this family, called Statistical Decoding (SD). Since then, as for the Information Set Decoding algorithm, there has been much work done to improve and generalize the SD algorithm. In this paper, we improve the SD algorithm using the notion of bases lists in the binary case. Then, we give a non-binary version of this improvement. Finally, we have computed a complexity analysis and have made a complexity comparison of our results with that of recent results on the SD algorithm and the complexity of the classic ISD algorithm.
IEEE Transactions on Information Theory, Aug 1, 2019
Most of the codes that have an algebraic decoding algorithm are derived from the Reed Solomon codes. They are obtained by taking equivalent codes, for example the generalized Reed Solomon codes, or by using the so-called subfield subcode method, which leads to Alternant codes and Goppa codes over the underlying prime field, or over some intermediate subfield. The main advantage of these constructions is to preserve both the minimum distance and the decoding algorithm of the underlying Reed Solomon code. In this paper, we propose a generalization of the subfield subcode construction by introducing the notion of subspace subcodes and a generalization of the equivalence of codes which leads to the notion of generalized subspace subcodes. When the dimension of the selected subspaces is equal to one, we show that our approach gives exactly the family of the codes obtained by equivalence and subfield subcode technique. However, our approach highlights the links between the subfield subcode of a code defined over an extension field and the operation of puncturing the q-ary image of this code. When the dimension of the subspaces is greater than one, we obtain codes whose alphabet is no longer a finite field, but a set of r-tuples. We explain why these codes are practically as efficient for applications as the codes defined on an extension of degree r. In addition, they make it possible to obtain decodable codes over a large alphabet having parameters previously inaccessible. As an application, we give some examples that can be used in public key cryptosystems such as McEliece.
In this paper we revisit some of the main aspects of the DAGS Key Encapsulation Mechanism, one of the code-based candidates to NIST's standardization call for the key exchange/encryption functionalities. In particular, we modify the algorithms for key generation, encapsulation and decapsulation to fit an alternative KEM framework, and we present a new set of parameters that use binary codes. We discuss advantages and disadvantages for each of the variants proposed.
Journal of Mathematical Cryptology, Dec 1, 2018
Lecture Notes in Computer Science, 2017
It is easy to determine if a given code \(\mathcal{C}\) is a subcode of another known code \(\mathcal{D}\). For most occurrences, it is easy to determine if two codes \(\mathcal{C}\) and \(\mathcal{D}\) are equivalent by permutation. In this paper, we show that determining if a code \(\mathcal{C}\) is equivalent to a subcode of \(\mathcal{D}\) is an NP-complete problem. We also give some arguments to show why this problem seems much harder to solve in practice than the Equivalence Punctured Code problem or the Punctured Code problem proposed by Wieschebrink [21]. For one application of this problem we propose an improvement of the three-pass identification scheme of Girault and discuss its performance.
Lecture Notes in Computer Science, 2017
The security of the McEliece cryptosystem heavily relies on the hardness of decoding a random linear code. The best known generic decoding algorithms are derived from the Information-Set Decoding (ISD) algorithm. The ISD algorithm was proposed in 1962 by Prange and improved in 1989 by Stern and later in 1991 by Dumer. Since then, there have been numerous works improving and generalizing the ISD algorithm: Peters in 2009, May, Meurer and Thomae in 2011, Becker, Joux, May and Meurer in 2012, May and Ozerov in 2015, and Hirose in 2016. Among all these improvements and generalizations only those of Peters and Hirose are over \(\mathbb{F}_q\) with q an arbitrary prime power. In Hirose’s paper, he describes the May-Ozerov nearest-neighbor algorithm generalized to work for vectors over the finite field \(\mathbb{F}_q\) with arbitrary prime power q. He also applies the generalized algorithm to the decoding problem of random linear codes over \(\mathbb{F}_q\). And he observed by a numerical analysis of asymptotic time complexity that the May-Ozerov nearest-neighbor algorithm may not contribute to the performance improvement of Stern’s ISD algorithm over \(\mathbb{F}_q\) with \(q \ge 3\). In this paper, we will extend the Becker, Joux, May, and Meurer’s ISD using the May-Ozerov algorithm for the Nearest-Neighbor problem over \(\mathbb{F}_q\) with q an arbitrary prime power. We analyze the impact of the May-Ozerov algorithm for the Nearest-Neighbor Problem over \(\mathbb{F}_q\) on the Becker, Joux, May and Meurer’s ISD.