Computer algebra in coding theory and cryptanalysis

This book that represents the author's Ph.D. thesis is devoted to applying symbolic methods to the problems of decoding linear codes and of algebraic cryptanalysis. The initial problems are reformulated in terms of systems of polynomial equations over a finite field, which solution(s) should yield a way to solve the initial problems. Solutions of such systems are obtained using Gröbner bases. The first part is devoted to an application of system solving to decoding linear codes. The original method for arbitrary linear codes, which in some sense generalizes the Newton identities method, is proposed. Since for the method to work the "field equations" are not needed, it is possible to handle quite large codes. The second part is about the algebraic cryptanalysis of the AES. The systems usually considered in this area have many auxiliary variables that are not needed for the key recovery. Therefore, here the approach is provided where these variables are eliminated and a resulting system in key-variables only is then solved. This is shown to be effective for small scale variants of the AES especially when using several plain-/ciphertext pairs.

Autorentext

Dr. Stanislav Bulygin was born in Kyiv, Ukraine, in 1982. He received his Ph.D. degree from the University of Kaiserslautern, Germany, in 2009. Currently he is a scientific stuff member of the Center for Advanced Security Research Darmstadt, Germany. His scientific interests include computer algebra, coding theory, algebraic cryptology.

Klappentext

This book that represents the author's Ph.D. thesis is devoted to applying symbolic methods to the problems of decoding linear codes and of algebraic cryptanalysis. The initial problems are reformulated in terms of systems of polynomial equations over a finite field, which solution(s) should yield a way to solve the initial problems. Solutions of such systems are obtained using Gröbner bases. The first part is devoted to an application of system solving to decoding linear codes. The original method for arbitrary linear codes, which in some sense generalizes the Newton identities method, is proposed. Since for the method to work the field equations are not needed, it is possible to handle quite large codes. The second part is about the algebraic cryptanalysis of the AES. The systems usually considered in this area have many auxiliary variables that are not needed for the key recovery. Therefore, here the approach is provided where these variables are eliminated and a resulting system in key-variables only is then solved. This is shown to be effective for small scale variants of the AES especially when using several plain-/ciphertext pairs.