Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Security Assessment of the LG Cryptosystem

Étienne Burle, Hervé Talé Kalachi, Freddy Lende Metouke, Ayoub Otmani

TL;DR

A cryptanalysis is presented showing that the security of several parameters of the LG cryptosystem have been overestimated and the existence of some weak keys allowing an attacker to find in polynomial time an alternative private key.

Abstract

The LG cryptosystem is a public-key encryption scheme in the rank metric using the recent family of $\lambdav-$Gabidulin codes and introduced in 2019 by Lau and Tan. In this paper, we present a cryptanalysis showing that the security of several parameters of the scheme have been overestimated. We also show the existence of some weak keys allowing an attacker to find in polynomial time an alternative private key.

Security Assessment of the LG Cryptosystem

TL;DR

A cryptanalysis is presented showing that the security of several parameters of the LG cryptosystem have been overestimated and the existence of some weak keys allowing an attacker to find in polynomial time an alternative private key.

Abstract

The LG cryptosystem is a public-key encryption scheme in the rank metric using the recent family of Gabidulin codes and introduced in 2019 by Lau and Tan. In this paper, we present a cryptanalysis showing that the security of several parameters of the scheme have been overestimated. We also show the existence of some weak keys allowing an attacker to find in polynomial time an alternative private key.
Paper Structure (10 sections, 8 theorems, 10 equations, 2 tables)

This paper contains 10 sections, 8 theorems, 10 equations, 2 tables.

Table of Contents

  1. Introduction
  2. Notation and Preliminaries
  3. Rank Metric
  4. $\boldsymbol{\mathrm{\lambda}}-$Gabidulin Codes
  5. LG Encryption Scheme
  6. A Novel Cryptanalysis of the LG Cryptosystem
  7. Step 1 -- Guessing $\mathcal{F}$.
  8. Step 2 -- Solving a linear system.
  9. Weak Keys
  10. Conclusion

Key Result

proposition 1

Given a $\boldsymbol{\mathrm{\lambda}}-$Gabidulin code $\mathcal{G}ab_{\boldsymbol{\mathrm{\lambda}}}(\boldsymbol{\mathrm{g}},k)$, there exists $\boldsymbol{\mathrm{h}} = (h_1,\ldots, h_n) \in \mathbb{F}_{q^m}^n$ such that $\left \lvert {\boldsymbol{\mathrm{h}}} \right \rvert_q = n$ and $\mathcal{

Theorems & Definitions (20)

  • definition 1: $\boldsymbol{\mathrm{\lambda}}-$Gabidulin codes
  • remark 1
  • proposition 1
  • proposition 2
  • proof
  • remark 2
  • remark 3
  • lemma 1
  • proof
  • theorem 1
  • ...and 10 more