Advances in Cryptology – EUROCRYPT 2014: 33rd Annual by Phong Q. Nguyen, Elisabeth Oswald

This ebook constitutes the court cases of the thirty third Annual foreign convention at the concept and functions of Cryptographic ideas, EUROCRYPT 2014, held in Copenhagen, Denmark, in could 2014. The 38 complete papers incorporated during this quantity have been rigorously reviewed and chosen from 197 submissions. They take care of public key cryptanalysis, identity-based encryption, key derivation and quantum computing, secret-key research and implementations, obfuscation and multi linear maps, authenticated encryption, symmetric encryption, multi-party encryption, side-channel assaults, signatures and public-key encryption, sensible encryption, foundations and multi-party computation.

PQCrypto 2013. LNCS, vol. 7932, pp. 102–117. Springer, Heidelberg (2013) 25. : An observation on the security of McEliece’s publickey cryptosystem. G. ) EUROCRYPT 1988. LNCS, vol. 330, pp. 275–280. Springer, Heidelberg (1988) 26. : A probabilistic algorithm for computing minimum weights of large error-correcting codes. IEEE Trans. Inform. Theory 34(5), 1354–1359 (1988) 27. : Weak keys in the McEliece public-key cryptosystem. IEEE Trans. Inform. Theory 47(3), 1207–1211 (2001) 28. : A new version of mcEliece PKC based on convolutional codes.

N − 1} the punctured code DI and shortened code D I are defined as: def DI = (ci )i∈I / | c ∈D ; D I = (ci )i∈I / | ∃c = (ci )i ∈ D such that ∀i ∈ I, ci = 0 . def Instead of writing D{j} and D {j} when I = {j} we rather use the notation Dj and D j . The following classical results will be used repeatedly. Lemma 1. Let A ⊂ Fnq be a code and I ⊂ {0, . . , n − 1} be a set of positions. Then, AI ⊥ = AI⊥ and (AI )⊥ = A ⊥ I . Diagonal Equivalence of Codes. Two q-ary codes A , B ⊂ Fnq are said to be n Fq –diagonally equivalent, and we will write B ∼Fq A , if there exists u ∈ F× q such that: B = u A = {u a | a ∈ A }.

N − 1}, we have1 : (xa − xa )−(q+1) C a (q + 1) ⊆ Ca . Without loss of generality, one can assume that the first two entries of x are x0 = 0 and x1 = 1. As explained further, this will in particular make possible 1 Recall that by (xa −xa )−(q+1) we mean the vector (xi − xa )−(q+1) . ,n−1}\{a} 28 A. Couvreur, A. –P. Tillich −(q+1) the computation of the vectors x0 and (x1 − 1)q+1 and we prove further that the knowledge of these two vectors provides that of x up to some Galois action. Let us now define precisely these codes C a (j).

