Researcher profile

Alain Couvreur

Published work

11 published items

Preprint, 2023, arXiv

Codes and modular curves

These lecture notes have been written for a course at the Algebraic Coding Theory (ACT) summer school 2022 that took place at the University of Zurich. The objective of the course is to propose an in-depth presentation of the proof of one of the most striking results of coding theory: the Tsfasman-Vlăduţ-Zink theorem, which asserts that for some prime powers $q$, there exist sequences of codes over $\mathbb{F}_q$ whose asymptotic parameters beat random codes.

Preprint, 2022, arXiv

How arithmetic and geometry make error correcting codes better

This note completes a talk given at the conference Curves over Finite Fields: past, present and future, celebrating the publication of the book Rational Points on Curves over Finite Fields by J.-P. Serre and organised at the Centro de Ciencias de Benasque in June 2021. It discusses part of the history of algebraic geometry codes together with some of their recent applications. Particular attention is paid to the "multiplicative" structure of these codes, i.e. their behaviour with respect to the componentwise product. Some open questions are raised and discussed.

Preprint, 2022, arXiv

On Codes and Learning With Errors over Function Fields

It is a long-standing open problem to find search-to-decision reductions for structured versions of the decoding problem of linear codes. Such results in the lattice-based setting have been carried out using number fields: Polynomial-LWE, Ring-LWE, Module-LWE and so on. We propose a function field version of the LWE problem. This new framework leads to another point of view on structured codes, e.g. quasi-cyclic codes, strengthening the connection between lattice-based and code-based cryptography. In particular, we obtain the first search-to-decision reduction for structured codes. Following the historical constructions in lattice-based cryptography, we instantiate our construction with function field analogues of cyclotomic fields, namely Carlitz extensions, leading to search-to-decision reductions for various versions of Ring-LPN, which have applications to secure multi-party computation and to an authentication protocol.

Preprint, 2022, arXiv

Recovering or Testing Extended-Affine Equivalence

Extended Affine (EA) equivalence is the equivalence relation between two vectorial Boolean functions $F$ and $G$ such that there exist two affine permutations $A$, $B$, and an affine function $C$ satisfying $G = A \circ F \circ B + C$. While the problem has a simple formulation, it is very difficult in practice to test whether two functions are EA-equivalent. This problem has two variants: EA-partitioning deals with partitioning a set of functions into disjoint EA-equivalence classes, and EA-recovery is about recovering the tuple $(A,B,C)$ if it exists. In this paper, we present a new algorithm that efficiently solves the EA-recovery problem for quadratic functions. Although its worst-case complexity occurs when dealing with APN functions, it supersedes, in terms of performance, all previously known algorithms for solving this problem for all quadratic functions and in any dimension, even in the case of APN functions. This approach is based on the Jacobian matrix of the functions, a tool whose study in this context can be of independent interest. The best approach for EA-partitioning in practice mainly relies on class invariants. We provide an overview of the known invariants along with a new one based on the ortho-derivative. This new invariant is applicable to quadratic APN functions, a specific type of function that is of great interest, and of which tens of thousands need to be sorted into distinct EA-classes. Our ortho-derivative-based invariant is very fast to compute, and it practically always distinguishes between EA-inequivalent quadratic APN functions.
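
Added example (written for this page, not code from the paper or its authors): the EA relation $G = A \circ F \circ B + C$ carried out concretely on lookup tables over $\mathbb{F}_2^4$, together with the simplest class invariant used for EA-partitioning, differential uniformity. The concrete function is $F(x) = x^3$ on $\mathbb{F}_{2^4}$, which is APN (differential uniformity 2); the field modulus $x^4 + x + 1$, the random matrix generation and the seeds are this example's own assumptions. Random EA-equivalent images of $F$ are built and checked to remain APN, which is exactly why such an invariant can only separate classes, never certify equivalence.

```python
"""EA equivalence of vectorial Boolean functions as lookup tables over GF(2)^n, and
differential uniformity as an EA-class invariant (added example, not from the paper)."""
import random

N = 4                 # functions GF(2)^4 -> GF(2)^4, small enough to brute-force
SIZE = 1 << N
MODULUS = 0b10011     # x^4 + x + 1 (assumed), used only to build one concrete APN function


def gf_mul(a: int, b: int) -> int:
    """Multiply in GF(2^4) = GF(2)[x]/(x^4 + x + 1); elements are 4-bit ints."""
    r = 0
    for i in range(N):
        if (b >> i) & 1:
            r ^= a << i
    for i in range(2 * N - 2, N - 1, -1):   # reduce bits 6..4 modulo x^4 + x + 1
        if (r >> i) & 1:
            r ^= MODULUS << (i - N)
    return r


# F(x) = x^3 is the Gold function x^(2^1 + 1); it is APN on every GF(2^n).
F_CUBE = [gf_mul(gf_mul(x, x), x) for x in range(SIZE)]


def parity(v: int) -> int:
    return bin(v).count("1") & 1


def apply_linear(rows, x: int) -> int:
    """y_i = <row_i, x> over GF(2); `rows` holds the N rows of a matrix as bitmasks."""
    y = 0
    for i, row in enumerate(rows):
        y |= parity(row & x) << i
    return y


def is_invertible(rows) -> bool:
    """Gaussian elimination over GF(2): an N x N matrix is invertible iff every column gets a pivot."""
    rows = list(rows)
    rank = 0
    for bit in range(N):
        pivot = next((i for i in range(rank, N) if (rows[i] >> bit) & 1), None)
        if pivot is None:
            return False
        rows[rank], rows[pivot] = rows[pivot], rows[rank]
        for i in range(N):
            if i != rank and (rows[i] >> bit) & 1:
                rows[i] ^= rows[rank]
        rank += 1
    return True


def random_invertible(rng):
    """Rejection-sample an invertible N x N matrix over GF(2) (assumed construction)."""
    while True:
        rows = [rng.randrange(1, SIZE) for _ in range(N)]
        if is_invertible(rows):
            return rows


def affine(rows, c: int):
    """The affine map x -> M x + c as a callable."""
    return lambda x: apply_linear(rows, x) ^ c


def ea_transform(F, A, B, C):
    """G = A o F o B + C, with F a lookup table and A, B, C callables on GF(2)^N."""
    return [A(F[B(x)]) ^ C(x) for x in range(SIZE)]


def differential_uniformity(F) -> int:
    """max over a != 0 and b of #{x : F(x + a) + F(x) = b}; the value 2 means APN."""
    worst = 0
    for a in range(1, SIZE):
        counts = [0] * SIZE
        for x in range(SIZE):
            counts[F[x] ^ F[x ^ a]] += 1
        worst = max(worst, max(counts))
    return worst


def random_ea_equivalent(F, seed: int):
    """Draw a random EA tuple (A, B, C): A, B affine permutations, C an arbitrary affine map."""
    rng = random.Random(seed)
    A = affine(random_invertible(rng), rng.randrange(SIZE))
    B = affine(random_invertible(rng), rng.randrange(SIZE))
    C = affine([rng.randrange(SIZE) for _ in range(N)], rng.randrange(SIZE))
    return ea_transform(F, A, B, C)


if __name__ == "__main__":
    print("delta(F) =", differential_uniformity(F_CUBE))                 # 2 (APN)
    for seed in range(3):
        G = random_ea_equivalent(F_CUBE, seed)
        print("seed", seed, "delta(G) =", differential_uniformity(G))    # still 2
```

The invariance is visible in the derivative: for $G = A \circ F \circ B + C$ one has $G(x+a) + G(x) = L_A\big(F(B(x) + L_B(a)) + F(B(x))\big) + L_C(a)$, where $L_A$, $L_B$, $L_C$ are the linear parts. Since $L_A$ is invertible and $B$ is a bijection, every value count in the difference distribution of $G$ equals one in that of $F$, so the maximum is unchanged. Equal invariants therefore never prove equivalence, which is why the paper's EA-recovery algorithm is needed once a candidate pair has survived the invariant filter.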

Preprint, 2022, arXiv

Right-hand side decoding of Gabidulin code and applications

We discuss the decoding of Gabidulin and interleaved Gabidulin codes. We give the full presentation of a decoding algorithm for Gabidulin codes which, like Loidreau's seminal algorithm, consists in localizing errors in the spirit of the Berlekamp-Welch algorithm for Reed-Solomon codes. However, this algorithm acts on codewords on the right, while Loidreau's algorithm considers an action on the left. This right-hand side decoder was already introduced by the authors in a previous work for cryptanalytic applications. We give here a generalised version which applies to the case of non-full-length Gabidulin codes. Finally, we show that this algorithm turns out to provide a very clear and natural approach for the decoding of interleaved Gabidulin codes.

Preprint, 2020, arXiv

Algebraic geometry codes and some applications

This article surveys the development of the theory of algebraic geometry codes since their discovery in the late 1970s. We summarize the major results on various problems such as asymptotic parameters, improved estimates on the minimum distance, and decoding algorithms. In addition, we present various modern applications of these codes such as public-key cryptography, algebraic complexity theory, multiparty computation and distributed storage.

Preprint, 2020, arXiv

Power Error Locating Pairs

We present a new decoding algorithm based on error locating pairs that corrects a number of errors exceeding half the minimum distance. When applied to Reed-Solomon or algebraic geometry codes, the algorithm is a reformulation of the so-called power decoding algorithm. Asymptotically, it corrects errors up to Sudan's radius. In addition, this new framework applies to any code benefiting from an error locating pair. Similarly to Pellikaan's and Kötter's approach for unique algebraic decoding, our algorithm provides a unified point of view for decoding codes with an algebraic structure beyond half the minimum distance. It permits an abstract description of decoding using only codes and linear algebra, without involving the arithmetic of the polynomial and rational function algebras used to define the codes themselves. Such algorithms can be valuable, for instance in cryptanalysis, to construct a decoding algorithm for a code without having access to its hidden algebraic structure.

Preprint, 2020, arXiv

Rank-metric codes over arbitrary Galois extensions and rank analogues of Reed-Muller codes

This paper extends the study of rank-metric codes to extension fields $\mathbb{L}$ equipped with an arbitrary Galois group $G = \mathrm{Gal}(\mathbb{L}/\mathbb{K})$. We propose a framework for studying these codes as subspaces of the group algebra $\mathbb{L}[G]$, and we relate this point of view to the usual notions of rank-metric codes in $\mathbb{L}^N$ or in $\mathbb{K}^{N\times N}$, where $N = [\mathbb{L} : \mathbb{K}]$. We then adapt the notion of error-correcting pairs to this context, in order to provide a non-trivial decoding algorithm for these codes. We then focus on the case where $G$ is abelian, which leads us to see codewords as elements of a multivariate skew polynomial ring. We prove that we can bound the dimension of the vector space of zeroes of these polynomials, depending on their degree. This result can be seen as an analogue of the Alon-Füredi theorem (and, by extension, of the Schwartz-Zippel lemma) in the rank metric. Finally, we construct the counterparts of Reed-Muller codes in the rank metric, and we give their parameters. We also show the connection between these codes and classical Reed-Muller codes in the case where $\mathbb{L}$ is a Kummer extension.

Preprint, 2020, arXiv

Toward good families of codes from towers of surfaces

We introduce in this article a new method to estimate the minimum distance of codes from algebraic surfaces. This lower bound is generic, i.e. it can be applied to any surface, and turns out to be "liftable" under finite morphisms, paving the way toward the construction of good codes from towers of surfaces. In the same direction, we establish a criterion for a surface with a fixed finite set of closed points $\mathcal P$ to have an infinite tower of $\ell$-étale covers in which $\mathcal P$ splits totally. We conclude by stating several open problems. In particular, we relate the existence of asymptotically good codes from general type surfaces with a very ample canonical class to the behaviour of their number of rational points with respect to their $K^2$ and coherent Euler characteristic.

Preprint, 2019, arXiv

Practical Algebraic Attack on DAGS

The DAGS scheme is a key encapsulation mechanism (KEM) based on quasi-dyadic alternant codes that was submitted to the NIST standardization process for quantum-resistant public-key algorithms. Recently an algebraic attack was devised by Barelli and Couvreur (Asiacrypt 2018) that efficiently recovers the private key. It shows that DAGS can be totally cryptanalysed by solving a system of bilinear polynomial equations. However, some sets of DAGS parameters were not broken in practice. In this paper we improve the algebraic attack by showing that the original approach was not optimal in terms of the ratio of the number of equations to the number of variables. Contrary to the common belief that reducing the number of variables in a polynomial system at any cost is always beneficial, we actually observed that, provided that the ratio is increased and up to a threshold, the solving can be heavily improved by adding variables to the polynomial system. This enables us to recover the private keys in a few seconds. Furthermore, our experiments also show that the maximum degree reached during the computation of the Gröbner basis is an important parameter that explains the efficiency of the attack. Finally, the authors of DAGS updated the parameters to take into account the algebraic cryptanalysis of Barelli and Couvreur. In the present article, we propose a hybrid approach that performs an exhaustive search on some variables and computes a Gröbner basis on the polynomial system involving the remaining variables. We then show that the updated set of parameters corresponding to 128-bit security can be broken with $2^{83}$ operations.