
Linear Code Equivalence via Plücker Coordinates

Gessica Alecci, Giuseppe D'Alconzo

TL;DR

The results are of theoretical interest, as they constitute the first application of algebraic geometry and invariant theory to the cryptanalysis of LCE and provide insight into how algebraic geometry and invariant theory can be employed in Cryptography.

Abstract

The assumed hardness of the Linear Code Equivalence problem (LCE) lies at the core of the security of the LESS signature scheme and other signature schemes with advanced functionalities. The LCE problem asks to determine whether two linear codes are equivalent. This equivalence is represented by a monomial matrix $Q$, i.e. the product of a diagonal matrix $D$ and a permutation matrix $P$. The recovery of $Q = DP$ is known to reduce to the recovery of the permutation matrix $P$ alone. Exploiting this fact, we construct an algebraic model for LCE involving only the matrix $P$. To this end, we study the action of monomial matrices on linear codes using tools from algebraic geometry, including Plücker coordinates and fields of invariant rational functions. In particular, we analyse the action of diagonal matrices on linear codes, which can be interpreted as diagonal scaling of the coordinates of elements of the Grassmannian. We propose a method to determine algebraically independent generators of the field of rational functions invariant under this action, without relying on Reynolds operators or Gröbner basis computations. Furthermore, given two equivalent codes, we apply our results to explicitly construct, for each invariant function, a polynomial having $P$ as a root. However, the resulting polynomials are not of practical use: their degrees are high for cryptographically relevant parameters, and the number of monomials grows exponentially, making them infeasible to manipulate. Despite this limitation, our results are of theoretical interest, as they constitute the first application of these tools to the cryptanalysis of LCE and provide insight into how algebraic geometry and invariant theory can be employed in Cryptography.
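The abstract's mechanism can be made concrete on a toy instance. The script below is an added illustration written for this page, not code from the paper or from LESS: it computes the Plücker coordinates (all $k \times k$ minors) of a constructed $[4,2]$ code over $\mathrm{GF}(7)$, applies a monomial transformation $Q = DP$ column by column, and checks three things the abstract relies on: a balanced ratio of Plücker coordinates is unchanged by diagonal scaling $D$ and by a change of generator matrix; the coordinates of the image code satisfy the Plücker relation for $\mathrm{Gr}(2,4)$; and after the full action of $Q$, the invariant evaluated on the $\sigma$-permuted index sets equals the original value up to a sign that depends only on $P$, which is the type of relation involving $P$ alone that the paper turns into polynomial equations. The field size, generator matrix, scaling vector, permutations and the particular invariant are all constructed choices, and the sign convention for reordered minors is this script's own bookkeeping.

```python
from itertools import combinations
from functools import reduce

# Constructed example: arithmetic is done in the prime field GF(q), q = 7.
Q_FIELD = 7


def det_mod(M, q):
    """Determinant of a square matrix over GF(q) by Gaussian elimination."""
    M = [row[:] for row in M]
    n, det = len(M), 1
    for c in range(n):
        piv = next((r for r in range(c, n) if M[r][c] % q), None)
        if piv is None:
            return 0
        if piv != c:
            M[c], M[piv] = M[piv], M[c]
            det = -det
        det = det * M[c][c] % q
        inv = pow(M[c][c], q - 2, q)
        for r in range(c + 1, n):
            f = M[r][c] * inv % q
            for cc in range(c, n):
                M[r][cc] = (M[r][cc] - f * M[c][cc]) % q
    return det % q


def plucker(G, q):
    """Plücker coordinates of the code generated by the k x n matrix G:
    one k x k minor per k-subset S of column indices (sorted tuples)."""
    k, n = len(G), len(G[0])
    return {S: det_mod([[G[r][c] for c in S] for r in range(k)], q)
            for S in combinations(range(n), k)}


def monomial_action(G, d, sigma, q):
    """G * D * P over GF(q): column i of G is scaled by d[i] and moved to
    position sigma[i] (D = diag(d), P the permutation matrix of sigma)."""
    k, n = len(G), len(G[0])
    H = [[0] * n for _ in range(k)]
    for i in range(n):
        for r in range(k):
            H[r][sigma[i]] = G[r][i] * d[i] % q
    return H


def matmul(A, B, q):
    return [[sum(A[r][i] * B[i][c] for i in range(len(B))) % q
             for c in range(len(B[0]))] for r in range(len(A))]


def rational_invariant(pl, num, den, q):
    """prod_{S in num} p_S / prod_{T in den} p_T in GF(q).  Diagonal scaling
    multiplies p_S by prod_{i in S} d_i, so the quotient is unchanged whenever
    each column index occurs as often in num as in den; a basis change A scales
    every p_S by det(A), which cancels because len(num) == len(den)."""
    top = reduce(lambda a, b: a * b % q, (pl[S] for S in num), 1)
    bot = reduce(lambda a, b: a * b % q, (pl[T] for T in den), 1)
    if bot == 0:
        raise ZeroDivisionError("invariant undefined: a denominator minor is 0")
    return top * pow(bot, q - 2, q) % q


def restriction_sign(sigma, S):
    """Sign a minor picks up when P reorders its columns: the parity of the
    sequence (sigma[i] for i in S), with S sorted."""
    img = [sigma[i] for i in S]
    inversions = sum(1 for a in range(len(img)) for b in range(a + 1, len(img))
                     if img[a] > img[b])
    return -1 if inversions % 2 else 1


def monomial_equation(G, d, sigma, num, den, q):
    """lhs: the invariant on the image code G*D*P at the sigma-permuted index
    sets.  rhs: +/- the invariant on G, the sign depending only on P (not D).
    lhs == rhs is the kind of relation in P alone the paper exploits."""
    pl, pl_img = plucker(G, q), plucker(monomial_action(G, d, sigma, q), q)
    move = lambda sets: [tuple(sorted(sigma[i] for i in S)) for S in sets]
    lhs = rational_invariant(pl_img, move(num), move(den), q)
    sign = reduce(lambda a, b: a * b,
                  (restriction_sign(sigma, S) for S in list(num) + list(den)), 1)
    return lhs, sign * rational_invariant(pl, num, den, q) % q


def plucker_relation_gr24(pl, q):
    """The single Plücker relation defining Gr(2,4): p01 p23 - p02 p13 + p03 p12."""
    return (pl[(0, 1)] * pl[(2, 3)] - pl[(0, 2)] * pl[(1, 3)]
            + pl[(0, 3)] * pl[(1, 2)]) % q


# Constructed [4, 2] code over GF(7) with all 2x2 minors non-zero, and a balanced
# invariant: every column index 0..3 occurs once above and once below the bar.
G = [[1, 0, 1, 2],
     [0, 1, 3, 1]]
NUM = [(0, 1), (2, 3)]
DEN = [(0, 2), (1, 3)]


def demo(q=Q_FIELD):
    """(invariant of G, after D only, after a basis change, Plücker relation)."""
    pl = plucker(G, q)
    base = rational_invariant(pl, NUM, DEN, q)
    scaled = rational_invariant(
        plucker(monomial_action(G, [2, 5, 3, 6], [0, 1, 2, 3], q), q), NUM, DEN, q)
    rebased = rational_invariant(
        plucker(matmul([[2, 1], [3, 4]], G, q), q), NUM, DEN, q)
    return base, scaled, rebased, plucker_relation_gr24(pl, q)


if __name__ == "__main__":
    print("invariant (G, D-scaled, rebased), Plücker relation:", demo())
    print("lhs == rhs:", monomial_equation(G, [2, 5, 3, 6], [2, 0, 3, 1], NUM, DEN, Q_FIELD))
```

The point of `monomial_equation` is that $D$ drops out entirely: the scalars $d_i$ cancel in any balanced ratio, so what survives is a relation between the two codes' Plücker coordinates in which only $\sigma$ (i.e. $P$) is unknown. The same construction also shows why the abstract calls the resulting polynomials impractical: a code of length $n$ and dimension $k$ has $\binom{n}{k}$ Plücker coordinates, so at cryptographic sizes the objects these equations range over are already far too large to enumerate, before any question of degree arises.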

Paper Structure

This paper contains 20 sections, 6 theorems, 68 equations, 1 figure.

Key Result

proposition 1

Let $F_1,\dots, F_r$ be the polynomials defining the Plücker relations and let $\left\{\mathrm{d}F_{i_1},\dots, \mathrm{d}F_{i_t}\right\}$ be a maximal subset of linearly independent elements in $\{\mathrm{d}F_1,\dots, \mathrm{d}F_r \}$. The polynomials $f_1,\dots,f_\ell$ are algebraically independen

Figures (1)

  • Figure 1: Algorithm $\mathsf{InvGen}$ for the computation of a minimal set of independent generators of $\mathbb{K}\left(\mathrm{Gr}(k,n)\right)^{{\mathcal{D}}_n}$.

Theorems & Definitions (15)

  • proposition 1
  • definition 1
  • definition 2
  • proposition 2
  • proof
  • lemma 1
  • proof
  • theorem 1
  • proof
  • remark 1
  • ...and 5 more