[Resource Topic] 2025/1523: Decoupling Support Enumeration and Value Discovery in Non-Binary ISD

Resource Attacks and cryptanalysis
1

Welcome to the resource topic for 2025/1523

Title:
Decoupling Support Enumeration and Value Discovery in Non-Binary ISD

Authors: Freja Elbro, Paolo Santini

Abstract:

Information Set Decoding (ISD) refers to a class of algorithms designed to decode arbitrary linear codes over finite fields. It is among the state-of-the-art methods for solving the Syndrome Decoding Problem (SDP), which lies at the core of code-based cryptography. Since most cryptographic systems operate over the binary field, ISD algorithms are generally designed for this setting. However, emerging cryptographic systems, such as SDitH, that rely on the SDP over non-binary fields, make research into non-binary ISD increasingly relevant. While there have been numerous improvements to ISD algorithms for binary fields, generalizations of these improvements to non-binary fields have resulted in only modest runtime improvements. The only technique which applies specifically to non-binary fields was proposed only last year by Carrier, Hatey and Tillich and consists in solving the SDP over the projective space.

In this paper we continue along this line of research and introduce a novel technique to perform ISD in non-binary fields. Our key idea consists in speeding-up the enumeration of low weight vectors by enumerating only the supports and not the actual values, since these can be recovered by solving a (small) linear system. This idea is at the core of LA-ISD, the first algorithm we propose in the paper. We further enhance it by exploiting a meet-in-the-middle search leading to MitM-LA, the second algorithm we propose in this paper. We analyze our algorithms in both the finite and asymptotic regimes and show that they compare well with competitive solutions. In particular, LA-ISD results in the best memory-less algorithm, while MitM-LA is (slightly) faster than the state-of-the-art algorithm by Carrier, Hatey and Tillich for many parameter-sets as well as asymptotically.

ePrint: https://eprint.iacr.org/2025/1523

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics .