Simplified high-speed high-distance list decoding for alternant codes

  • Authors:

  • Daniel J. Bernstein

  • Affiliations:

  • Department of Computer Science, University of Illinois at Chicago, Chicago, IL

  • Venue:
  • PQCrypto'11 Proceedings of the 4th international conference on Post-Quantum Cryptography
  • Year:
  • 2011

Quantified Score

Hi-index 0.00

Visualization

Abstract

This paper presents a simplified list-decoding algorithm to correct any number w of errors in any alternant code of any length n with any designed distance t+1 over any finite field Fq ; in particular, in the classical Goppa codes used in the McEliece and Niederreiter public-key cryptosystems. The algorithm is efficient for w close to, and in many cases slightly beyond, the Fq Johnson bound $J'=n'-\sqrt{n'(n'-t-1)}$ where n′=n(q−1)/q, assuming t+1≤n′. In the typical case that $qn/t\in (\lg n)^{O(1)}$ and that the parent field has $(\lg n)^{O(1)}$ bits, the algorithm uses $n(\lg n)^{O(1)}$ bit operations for $w\le J'-n/(\lg n)^{O(1)}$ ; O(n4.5) bit operations for $w\le J'+o((\lg n)/\lg\lg n)$ ; and nO(1) bit operations for $w\le J'+O((\lg n)/\lg\lg n)$ .